Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3705
Views
5
Helpful
4
Replies

Difference between static NAT and a static route - ASA 5506-X

Go to solution
marcos500
Level 1
Level 1

‎06-18-2015 01:37 AM - edited ‎03-11-2019 11:08 PM

It seems that there isn't a simple explanation of this when you google it...

I have seen hundreds of articles and forum entries explaining the difference between static NAT, dynamic NAT and PAT and I think I understand the difference between them. However, when would you use static route vs a static NAT ?
From what I understand, routes are used for traffic that never changes i.e. a subnet that is always bound to a certain interface address.

Can anyone shed some light on this please? I am using an ASA 5506-X.
Many thanks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to marcos500

‎06-19-2015 06:08 AM

They are two different things so it is not a case of one being preferable over the other.

NAT is used, as Vibhor says, to translate IPs.

Static routes are used to tell the ASA how to reach remote networks so you would usually have at least a default static route pointing to the ISP router and perhaps static routes for internal networks if there is a L3 device internally routing for your vlans.

So there aren't really any cases of where you would use one or the other to achieve the same thing because they don't do the same thing.

Jon

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Vibhor Amrodia
Cisco Employee
Cisco Employee

‎06-19-2015 04:40 AM

Hi,

I think to explain it in a simple and straight forward way ,  Static route is a route created on the ASA device to help the ASA device reach the specific destination.

When we talk about the Static NAT , it is used to translate the IP address of a device on the ASA device.

So , these are different features used on the ASA device.

Thanks and Regards,

Vibhor Amrodia

Go to solution
marcos500
Level 1
Level 1
In response to Vibhor Amrodia

‎06-19-2015 05:20 AM

Tanks Vibhor.

Can you or anyone give me examples as to when a static rout would be preferable or even necessary? There must be specific circumstances in which a static route is recommended over a static NAT rule.

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to marcos500

‎06-19-2015 06:08 AM

They are two different things so it is not a case of one being preferable over the other.

NAT is used, as Vibhor says, to translate IPs.

Static routes are used to tell the ASA how to reach remote networks so you would usually have at least a default static route pointing to the ISP router and perhaps static routes for internal networks if there is a L3 device internally routing for your vlans.

So there aren't really any cases of where you would use one or the other to achieve the same thing because they don't do the same thing.

Jon

0 Helpful

Go to solution
Alienfalcon
Level 1
Level 1
In response to Jon Marshall

‎06-21-2022 10:47 AM

Okay I get that they are two different things. However, does that mean that when routing from a local network to a wider network, the IP address will stay the same? Will computers on the wider network see 192.168.***.*** as the computer's IP address or 10.16.***.*** as the computer's IP address if the switch does not have NAT?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card