Table of Contents
Advertisement
Network Address Translation Rules
Note
Direction
Translate from Interface
Note
Access Rule
Cisco Router and Security Device Manager 2.5 User's Guide
26-24
If you create a NAT rule that would translate addresses of devices that are part of
a VPN, Cisco SDM will prompt you to allow it to create a route map that protects
those addresses from being translated by NAT. If NAT is allowed to translate
addresses of devices on a VPN, their translated addresses will not match the IPSec
rule used in the IPSec policy, and traffic will be sent unencrypted.
Choose the traffic direction for this rule.
From inside to outside
Choose this option if you want to translate private addresses on the LAN to legal
(globally unique) addresses on the Internet or on your organization's intranet.
This help topic describes how the remaining fields are used when From inside to
outside is chosen.
This area shows the interfaces from which packets needing address translation
come in to the router. It provides fields for specifying the IP address of a single
host, or a network address and subnet mask that represent the hosts on a network.
Inside Interface(s)
If you chose From inside to outside for Direction, this area contains the
designated inside interfaces.
If this area contains no interface names, close the Add Address Translation Rule
window, click Designate NAT interfaces in the NAT window, and designate the
router interfaces as inside or outside. Then return to this window and configure
the NAT rule.
Dynamic NAT translation rules use access rules to specify the addresses that need
translation. If you choose From inside to outside, these are the
addresses. Enter the name or number of the access rule that defines the addresses
Chapter 26
Network Address Translation
inside local
OL-4015-12
Advertisement
Table of Contents
Troubleshooting
