Configuring Network Address Translation
Routed firewall mode only
This chapter describes Network Address Translation (NAT). In routed firewall mode, the Firewall
Services Module (FWSM) typically performs NAT between each network.
Note
In transparent firewall mode, both the inside and outside network are the same network, and the FWSM
does not perform NAT. See the
on page 6-10
mode.
This chapter contains the following sections:
•
•
•
•
•
•
NAT Overview
This section describes how NAT works on the FWSM, and includes the following topics:
•
•
•
•
•
•
•
•
•
OL-6392-01
for connection limits for which you must configure a NAT statement in transparent firewall
NAT Overview, page 9-1
Using Dynamic NAT and PAT, page 9-16
Using Static NAT, page 9-26
Using Static PAT, page 9-27
Bypassing NAT, page 9-29
NAT Examples, page 9-32
Introduction to NAT, page 9-2
NAT Types, page 9-3
Policy NAT, page 9-8
Outside NAT, page 9-10
NAT and Same Security Level Interfaces, page 9-11
Order of NAT Commands Used to Match Local Addresses, page 9-12
Maximum Number of NAT Statements, page 9-12
Global Address Guidelines, page 9-12
DNS and NAT, page 9-13
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide
"Configuring Connection Limits for Non-NAT Configurations" section
C H A P T E R
9
9-1