9-27
Cisco ASA Series Firewall CLI Configuration Guide
Chapter 9 Network Address Translation (NAT)
Static NAT
Static NAT
The following topics explain static NAT and how to implement it.
•
•
Configure Static Network Object NAT or Static NAT-with-Port-Translation, page 9-32
•
Configure Static Twice NAT or Static NAT-with-Port-Translation, page 9-34
About Static NAT
Static NAT creates a fixed translation of a real address to a mapped address. Because the mapped address
is the same for each consecutive connection, static NAT allows bidirectional connection initiation, both
to and from the host (if an access rule exists that allows it). With dynamic NAT and PAT, on the other
hand, each host uses a different address or port for each subsequent translation, so bidirectional initiation
is not supported.
The following figure shows a typical static NAT scenario. The translation is always active so both real
and remote hosts can initiate connections.
Figure 9-5
Static NAT
Note
You can disable bidirectionality if desired.
Static NAT with Port Translation
Static NAT with port translation lets you specify a real and mapped protocol (TCP or UDP) and port.
•
About Static NAT with Port Address Translation, page 9-27
•
Static NAT with Identity Port Translation, page 9-28
•
Static NAT with Port Translation for Non-Standard Ports, page 9-29
•
Static Interface NAT with Port Translation, page 9-29
About Static NAT with Port Address Translation
When you specify the port with static NAT, you can choose to map the port and/or the IP address to the
same value or to a different value.
10.1.1.1
209.165.201.1
In
s
ide
O
u
t
s
ide
10.1.1.2
209.165.201.2
130035
S
ec
u
rity
Appli
a
nce
Содержание ASA 5508-X
Страница 11: ...P A R T 1 Access Control ...
Страница 12: ......
Страница 60: ...4 14 Cisco ASA Series Firewall CLI Configuration Guide Chapter 4 Access Rules History for Access Rules ...
Страница 157: ...P A R T 2 Network Address Translation ...
Страница 158: ......
Страница 204: ...9 46 Cisco ASA Series Firewall CLI Configuration Guide Chapter 9 Network Address Translation NAT History for NAT ...
Страница 232: ...10 28 Cisco ASA Series Firewall CLI Configuration Guide Chapter 10 NAT Examples and Reference DNS and NAT ...
Страница 233: ...P A R T 3 Service Policies and Application Inspection ...
Страница 234: ......
Страница 379: ...P A R T 4 Connection Management and Threat Detection ...
Страница 380: ......
Страница 400: ...16 20 Cisco ASA Series Firewall CLI Configuration Guide Chapter 16 Connection Settings History for Connection Settings ...
Страница 414: ...17 14 Cisco ASA Series Firewall CLI Configuration Guide Chapter 17 Quality of Service History for QoS ...