Which Auto NAT policies are processed first ?

Which Auto NAT policies are processed first ?

Which Auto NAT policies are processed first ?

A.
Dynamic with longest prefix

B.
Dynamic with shortest prefix

C.
Static with longest prefix

D.
Static with shortest prefix

Explanation:
BD
All packets processed by the ASA are evaluated against the NAT table. This evaluation starts at the top
(Section 1) and works down until a NAT rule is matched. Once a NAT rule is matched, that NAT rule is applied
to the connection and no more NAT policies are checked against the packet.
+ Section 1 – Manual NAT policies: These are processed in the order in which they appear in the configuration.
+ Section 2 – Auto NAT policies: These are processed based on the NAT type (static or dynamic) and the prefix
(subnet mask) length in the object.
+ Section 3 – After-auto manual NAT policies: These are processed in the order in which they appear in the
configuration.

Source: http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generationfirewalls/116388-technote-nat-00.html



Leave a Reply 0

Your email address will not be published. Required fields are marked *