RE: is it true about ASA?

From: verb2300@yahoo.com
Date: Sun Jul 20 2008 - 20:44:59 ART

• Next message: johnnieutah1@gmail.com: "EIGRP Authentication verification"
• Previous message: Zealist Hamamd: "Re: OSPF Network Types Error"
• Maybe in reply to: Muhammad Nasim: "is it true about ASA?"
• Next in thread: sushil menon: "Re: is it true about ASA?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

No, a nat statement is not the same as nat control. You are matching all traffic entering your inside interface with a nat statement. That's it. Nat control is global and applies to all traffic sourced from a higher security interface to a lower security interface making a nat statement a requirment for traffic flows. If you really want to understand look at the difference between pix code 6.3 and 7.0 specifically the implementation of MPF.

Muhammad Nasim wrote:
> Dear All,
> Is it true that if we enable pat on ASA for e.g
> nat (inside) 1 0 0
> global (outside) 1 interface
> Then ASA will behave same as "nat-control" is enabled. (Although
> nat-control is disabled).
> Any inputs and links will be helpful
> Thanks
> --
> Muhammad Nasim
> Network Engineer
> Saudi Arabia

• Next message: johnnieutah1@gmail.com: "EIGRP Authentication verification"
• Previous message: Zealist Hamamd: "Re: OSPF Network Types Error"
• Maybe in reply to: Muhammad Nasim: "is it true about ASA?"
• Next in thread: sushil menon: "Re: is it true about ASA?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Aug 04 2008 - 06:11:56 ART