Solved: ASA nat commnand

Fotiosmark · ‎03-09-2018

Hello Group! how are you this morning? :)

Was wondering if someone can explain to me the below command on ASA

nat (inside,outside) source static *********** destination static ******** no-proxy-arp route-lookup

Basically I know what it does, I only need help with the last 2 lines (no proxy arp and route-lookup)

Thanks

Bogdan Nita · ‎03-09-2018

no-proxy-arp - starting with 8.4 ASA will enable proxy-arp for all static NAT statements, in cases you do not want the ASA to respond to arp requests for other IPs, you can use the no-proxy-arp option

route-lookup - the ASA does use the NAT rules to route the packets as well, I believe it has to do with the order of operation and it trusts the NAT statement has the correct interfaces configured. If you want the ASA to use only the routing table instead of the NAT rule, you can use the route-lookup option.

HTH,

Bogdan

View solution in original post

Bogdan Nita · ‎03-09-2018

no-proxy-arp - starting with 8.4 ASA will enable proxy-arp for all static NAT statements, in cases you do not want the ASA to respond to arp requests for other IPs, you can use the no-proxy-arp option

route-lookup - the ASA does use the NAT rules to route the packets as well, I believe it has to do with the order of operation and it trusts the NAT statement has the correct interfaces configured. If you want the ASA to use only the routing table instead of the NAT rule, you can use the route-lookup option.

HTH,

Bogdan