In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-09-21 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >
Share
Shulou(Shulou.com)06/01 Report--
Type of NAT
The configuration of NAT on ASA is more complicated than that of routers. NAT on ASA has four types of dynamic NAT: dynamic NAT, dynamic PAT, static NAT and static NAT: many-to-many translation, mapping multiple private networks to multiple public networks dynamic PAT: many-to-one translation, mapping multiple private networks to a public network address, using more extensive static NAT: one-to-one translation maps one private network to another public network address. Hide internal address static PAT: one-to-one translation, mapping one IP address and port to another IP address and port, publishing internal server
Simple configuration of dynamic NAT
1) specify the network segment that requires address translation
ASA (config) # nat (inside) 1 10.1.1.0 255.255.255.0
2) define a global address pool
ASA (config) # global (outside) 1 172.16.1.100-172.16.1.200
3) use show xlate detail to view the NAT conversion table (I stands for dynamic NAT)
ASA#show xlate detail
4) clear the address translation list
ASA (config) # clear xlate detail
5) implement dynamic NAT on all network segments in the inside area
ASA (config) # nat (inside) 100 simple configuration of dynamic PAT
1) configure PAT based on IP address
ASA (config) # nat (inside) 1 10.1.1.0 255.255.255.0
ASA (config) # global (outside) 1 172.16.1.200
2) configure interface-based PAT
ASA (config) # nat (inside) 100 translates any network inside
ASA (config) # global (outside) 1 interface maps the internal network to the external interface
3) use the show xlate detail command to view the xlatetable (flags ri represents the dynamic PAT used)
ASA#show xlate detail simple configuration of static NAT
By default, the host PC3 in the DMZ can access the host PC4 in the outside zone, while the host PC4 needs to configure ACL to access the host PC3.
Configure static NAT
Configure ACL
Use the show xlate detail command to view the xlatetable (flags s stands for static NAT)
ASA#show xlate detail
DMZ has web and smtp servers, which require a single mapped address 172.16.1.201 to provide different services and simply configure PAT
Use the show xlate detail command to view the xlatetable (flags sr stands for static PAT)
ASA (config) # show xlate detailNAT control and NAT exemption disable NAT control
No nat-control enables NAT control
Nat-control
* simple configuration of NAT exemption
NAT exemption allows two-way communication
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
The market share of Chrome browser on the desktop has exceeded 70%, and users are complaining about
The world's first 2nm mobile chip: Samsung Exynos 2600 is ready for mass production.According to a r
A US federal judge has ruled that Google can keep its Chrome browser, but it will be prohibited from
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
About us Contact us Product review car news thenatureplanet
More Form oMedia: AutoTimes. Bestcoffee. SL News. Jarebook. Coffee Hunters. Sundaily. Modezone. NNB. Coffee. Game News. FrontStreet. GGAMEN
© 2024 shulou.com SLNews company. All rights reserved.
12
Report
