From: Jason W. Miller (jaymiller5@gmail.com)
Date: Sun Jul 20 2008 - 16:16:43 ART
It is documented that once you enable PAT/NAT globally on any 1 interfcae
its the default bahavior on all interfaces. You can lab this up and validate
this as well.
And the giant thread does begin ;-)
On Sun, Jul 20, 2008 at 3:08 PM, Muhammad Nasim <muhammad.nasim@gmail.com>
wrote:
> Now here is the Conflict b/w sushil and jason : )
>
> OK lets put another way
>
>
> *PATTING ON ANY INTERFACE* = "*NAT-CONTROL" command on the ASA. *
>
> I think logically speaking if any one have to do patting on any interface
> it is better to enable "nat-control" so there will no confusion any more : )
>
> AM I correct
>
> Please confirm
>
>
>
>
> 2008/7/20 Jason W. Miller <jaymiller5@gmail.com>:
>
> No true once you enable PAT/NAT globally on the device the default
>> behavior on all interfaces is nat-control.
>>
>>
>>
>> On Sun, Jul 20, 2008 at 1:49 PM, sushil menon <sushilmenon2001@gmail.com>
>> wrote:
>>
>>> hi this case all the traffic from the inside will be natted while going
>>> on
>>> the outside. even though nat control is disabled. but traffic from dmz to
>>> outside will not be natted since nat-control is disabled.
>>>
>>> regards
>>>
>>> sushil
>>>
>>> On Sun, Jul 20, 2008 at 10:00 PM, Muhammad Nasim <
>>> muhammad.nasim@gmail.com>
>>> wrote:
>>>
>>> > Dear All,
>>> >
>>> > Is it true that if we enable pat on ASA for e.g
>>> >
>>> > nat (inside) 1 0 0
>>> > global (outside) 1 interface
>>> >
>>> > Then ASA will behave same as "nat-control" is enabled. (Although
>>> > nat-control is disabled).
>>> >
>>> >
>>> >
>>> >
>>> > Any inputs and links will be helpful
>>> >
>>> > Thanks
>>> >
>>> >
>>> > --
>>> > Muhammad Nasim
>>> > Network Engineer
>>> > Saudi Arabia
>>>
>>>
>>
>
>
> --
> Muhammad Nasim
> Network Engineer
> Saudi Arabia
This archive was generated by hypermail 2.1.4 : Mon Aug 04 2008 - 06:11:56 ART