Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
374
Views
0
Helpful
1
Replies

Why does the nonat gets removed when we enable access on tcp level.

Hemakumar Sampath
Level 1
Level 1

‎01-02-2013 08:28 PM - edited ‎03-11-2019 05:42 PM

       What makes the CISCO ASA to remove nonat when we enable access in tcp or udp level

Labels:
0 Helpful
1 Reply 1

Jennifer Halim
Cisco Employee
Cisco Employee

‎01-02-2013 09:04 PM

Nonat only supports IP level within the access-list, and will remove the NAT statement if you have TCP or UDP ports configured.

Here is the command for your reference:

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/no.html#wp1756533

(quoted from the above:

NAT. NAT exemption is not the same as policy NAT; you cannot specify the port addresses)

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card