{"id":547,"date":"2011-05-24T19:24:58","date_gmt":"2011-05-24T19:24:58","guid":{"rendered":"https:\/\/fir3netwp.gmsrrpobkbd.com\/2011\/05\/24\/cisco-asa-83-no-nat-nat-exemption\/"},"modified":"2021-08-01T08:15:39","modified_gmt":"2021-08-01T08:15:39","slug":"cisco-asa-83-no-nat-nat-exemption","status":"publish","type":"post","link":"https:\/\/www.fir3net.com\/Cisco-ASA\/cisco-asa-83-no-nat-nat-exemption.html","title":{"rendered":"Cisco ASA 8.3 – No NAT \/ NAT Exemption"},"content":{"rendered":"
As we all know Cisco`s new ASA version 8.3 brings massive changes in NAT. This article describes and explains how NAT exemption (no NAT) is now configured.<\/p>\n
Below provides examples of both pre and post 8.3 no NAT configurations.<\/p>\n
Pre 8.3 a access-list was configured to define the source network and destination network. This access-list is then referenced in a NAT 0 statement to ensure all traffic traveling from the local LAN to the remote LAN is not NAT`d.\u00a0 Within 8.3 and later the networks are defined as objects via the use of object groups. These object groups are then referenced within the NAT statement to define both the pre and post NAT (real \/ mapped) addresses.<\/p>\n object network REMOTE_LAN nat (inside,outside) source static LOCAL_LAN LOCAL_LAN destination static REMOTE_LAN REMOTE_LAN<\/p>\n To make things clearer you can see the structure of the NAT statement below.<\/p>\n As we all know Cisco`s new ASA version 8.3 brings massive changes in NAT. This article describes and explains how NAT exemption (no NAT) is now configured. Below provides examples of both pre and post 8.3 no NAT configurations. Example Details Local LAN – 192.168.0.0\/24 Remote LAN – 172.168.0.0\/24 Traffic is arriving on the inside … Read more<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11],"tags":[],"yoast_head":"\n
\n<\/strong><\/p>\naccess-list NO-NAT permit ip 192.168.0.0 255.255.255.0 172.16.0.0 255.255.255.0\r\nnat (inside) 0 access-list NO-NAT<\/pre>\n
Post 8.3\u00a0 <\/strong><\/h4>\n
object network LOCAL_LAN\r\nsubnet 192.168.0.0 255.255.0.0<\/pre>\n
\nsubnet 172.16.0.0 255.255.0.0<\/p>\nnat (real interface,mapped interface) source static [real_object] [mapped_object] destination s\r\ntatic [real_object] [mapped_object]<\/pre>\n","protected":false},"excerpt":{"rendered":"