Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1133
Views
0
Helpful
1
Replies

NAT Exemption Rules (hitcnt=0)

Go to solution
GREGORY JACKSON
Level 1
Level 1

‎01-18-2018 08:26 AM - edited ‎02-21-2020 07:09 AM

I'm currently converting from ASA 5525 to FirePower 2140 w/FMC. As I am auditing my current ASA I see there are lots of No-nat rules with hitcnt=0 these look to be at (0) for a long period of time. I wanted to understand does the NO_NAT rules actually show a (hitcnt) of greater than zero? I don't want to migrate any ACL's that I don't need.

 

I am going to disable them one at a time to determine the impact, but does anyone know if it the NAT exemption rules actually show a hitcnt?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Pawan Raut
Level 4
Level 4

‎01-18-2018 10:25 AM

NAT exemption is also NAT rule and that convert same Original IP to same MAP IP when ASA check the packet flow so it should have hit count when it matches the rule for any traffic.
Could you please paste that NAT exemption rule and show nat de output for that respective rule.

Regards,
Pawan

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Pawan Raut
Level 4
Level 4

‎01-18-2018 10:25 AM

NAT exemption is also NAT rule and that convert same Original IP to same MAP IP when ASA check the packet flow so it should have hit count when it matches the rule for any traffic.
Could you please paste that NAT exemption rule and show nat de output for that respective rule.

Regards,
Pawan
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card