Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
613
Views
0
Helpful
2
Replies

remove NAT and ACL

brentz
Level 1
Level 1

‎03-25-2013 12:15 PM - edited ‎03-11-2019 06:19 PM


I have an NAT from my outside interface to a server on the inside. It also has an ACL that allows port 80. I need to remove this configuration. Which part is removed fist the NAT or ACL? Should do a clear local host when they are both removed?

Thanks

Brent
Sent from Cisco Technical Support iPad App

Labels:
0 Helpful
2 Replies 2

Jouni Forss
VIP Alumni
VIP Alumni

‎03-25-2013 12:26 PM

Hi,

I dont think it really matter which you remove first if you are simply removing a single Static NAT / Static PAT and a ACL rule line meant for that NAT.

They arent tied to eachother

However if you have a NAT statement which uses an ACL then you would remove the NAT first and then the ACL. I dont think the ASA would probably let you even remove the ACL if its in use by some NAT configuration.

You can post the configuration to be removed here if you want. Remove complete public IP address before posting.

- Jouni

0 Helpful

Jouni Forss
VIP Alumni
VIP Alumni
In response to Jouni Forss

‎03-25-2013 12:28 PM

Also,

You should be able to use the "show xlate | inc " and possibly also the "show local-host " to confirm if the NAT is still active for the host in question.

Naturally take care with clearing xlate/local-host if the host is something that is critical since you might possible clear/teardown connections to the said host in the process-

- Jouni

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card