Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
302
Views
0
Helpful
2
Replies

auto (object NAT) cli help query

keven.lincoln
Level 1
Level 1

‎08-01-2017 03:11 AM - edited ‎03-12-2019 02:45 AM

Hi,

I am just configuring some very simple post 8.3 NAT statements.

network object mapped-ip

host 1.1.1.1

network object real-ip

host 2.2.2.2

My next line of configuration would normally be something like the following nat statement included in the real-ip object definition

nat static mapped-ip

OR

nat (inside,outside) static mapped-ip

However, if you hit a question mark for help after the nat command, you get the option to specify interfaces in (), source or after-auto.

My point is the keyword static is not listed in the available options but is accepted as a command argument if entered..

I have checked various code revisions and this the same in each version.

Why ?

Is the static keyword not the preferred method. Is cisco trying to push us down a different path or is this just a simple mistake/omission ?

Labels:
0 Helpful
2 Replies 2

Aditya Ganjoo
Cisco Employee
Cisco Employee

‎08-01-2017 03:26 AM

 Hi,

What you are trying to do is configure a manual NAT statement in which you need to select the source and destination translation methods.

But if you configure an Auto-nat statement then you would get the static keyword directly after you use a ?

Auto-NAT:

object network obj-10.1.1.6 host 10.1.1.6 nat (inside,outside) static 192.168.100.100

host 10.1.1.6 nat (inside,outside) static 192.168.100.100

nat (inside,outside) static 192.168.100.100

Manual NAT:

nat (inside,outside) source static real-ip mapped-ip

More info on this link:

https://supportforums.cisco.com/document/33921/asa-pre-83-83-nat-configuration-examples

Regards,

Aditya

Please rate helpful and mark correct answers

0 Helpful

keven.lincoln
Level 1
Level 1
In response to Aditya Ganjoo

‎08-01-2017 03:46 AM

hi Aditya

Thanks for your response.

My point is that if you enter nat ? the list of available options does not include the static keyword.

I agree that you can actually type in the static keyword and it is accepted. No problem.

I just cannot understand why it is missing.   I just wanted to know if there was a reason  why. Are  cisco  were trying to  push people away from using the static option for some reason? I checked using asdm and it uses the static command ok.

I am quite happy to accept that its just one of these quirks of the command line if that is the case.

Again, thanks for your time.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top