cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
813
Views
0
Helpful
1
Replies

Difference between Cisco router and Cisco firewall command (NAT)

Rishi.WWN
Level 1
Level 1

Hello Everyone,

I hope and wish, you all are doing very well. Further want to know the difference between cisco router and cisco firewall commands. Kindly let me know with some command like NAT, default route etc.

Regards

Rishi

1 Reply 1

Hello,

 

the differences are many. Below are a few examples:

 

ASA 

 

--> this is a pool of NAT addresses

 

object network NAT_POOL
range 192.168.2.100 192.168.2.120
!
object network LAN
subnet 192.168.1.0 255.255.255.0nat (INSIDE,OUTSIDE) dynamic NAT_POOL

 

IOS

 

ip nat pool NAT_POOL 192.168.2.100 192.168.2.120 netmask 255.255.255.0
ip nat inside source list 1 pool NAT_POOL
!
access-list 1 permit 192.168.1.0 0.0.0.255

 

ASA

 

--> this is static NAT

 

object network STATIC_HOST
host 192.168.1.1
nat (INSIDE,OUTSIDE) static 192.168.2.1
!
access-list OUTSIDE_TO_INSIDE extended permit tcp any host 192.168.1.1
access-group OUTSIDE_TO_INSIDE in interface OUTSIDE

 

On the ASA, everything needs to be specifically allowed (that is why you need the access list above), on an IOS router, everything is allowed by default...

 

IOS

 

ip nat inside source static 192.168.1.1 192.168.2.1

 

ASA

 

--> this is the default route

 

route OUTSIDE 0 0 ip_address_next_hop

 

IOS

 

ip route 0.0.0.0 0.0.0.0 ip_address_next_hop

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: