Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
466
Views
0
Helpful
2
Replies

ASA NAT Statements

RyanB
Level 1
Level 1

‎01-25-2018 09:31 AM - edited ‎02-21-2020 07:12 AM

I have a configuration as follows.

 

object network INSIDE_NET
  subnet 192.168.1.0 255.255.255.0
  nat (any,outside) dynamic interface

My question is basically, is there any point to saying "any" on the source interface when the NAT is contained within the INSIDE_NET object? Would it not make more sense (or at least be the exact same) as this configuration? 

object network INSIDE_NET
  subnet 192.168.1.0 255.255.255.0
  nat (inside,outside) dynamic interface

Im pretty much just trying to determine if there is any possible reason why ANY was specified instead of the INSIDE interface.

 

Thanks

Labels:
0 Helpful
2 Replies 2

jtattenbach
Level 1
Level 1

‎01-25-2018 10:32 AM

Is there "ANY" the nameif of some of your configured interfaces in the ASA? 

0 Helpful

RyanB
Level 1
Level 1
In response to jtattenbach

‎01-25-2018 10:47 AM - edited ‎01-25-2018 10:49 AM

No, "any" would not be the nameif of any interfaces.

They would be something like:

 

inside

outside

dmz

 

Also, if you tried to name an interface "any", you would get an error.

 

ERROR: Name "any" is a reserved word and cant be used here
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card