oh thanks ....this means if NAT control is enabled , NAT is mandatory....and without this it wont work simply to send and rcv. packets thru ASA, but if NAT-Control is disabled, NAT is still possible , but it is not mandatory and it will work without NAT also, and NAT is only there to do addressing masking/translations/masquarading...right...
regards, Kamran Shakil ITA NDC Operations Engineer MidEast Data Systems LLC Oman Cell: + 968 95804126 Office: + 968 24576640 http://www.mynameise.com/kamranshakil77 Confidentiality Warning: "This message and any attachments are intended only for the use of the intended recipient(s), are confidential, and may be privileged. If you are not the intended recipient, you are hereby notified that any review, retransmission, conversion to hard copy, copying, circulation or other use of all or any portion of this message and any attachments is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail, and delete this message and any attachments from your system." -----Original Message----- From: Kingsley Charles [mailto:[email protected]] Sent: Sun 12/12/2010 10:11 AM To: Kamran Shakil Cc: [email protected] Subject: Re: [OSL | CCIE_Security] "NAT control disabled , still need NAT to work " When nat-control enabled traffic from higher to lower sec level should have a nat rule. With nat-control disabled., it doesn't need nat rule. With nat-control disabled, if you have nat rule it will translate. With regards Kings On Sun, Dec 12, 2010 at 11:20 AM, Kamran Shakil <[email protected]>wrote: > > well, i went to this link : http://www.wr-mem.com/?p=93 , and found it on > www.securityie.com ! > > it says that even if NAT Control is disabled, we can still do PAT ! ..... > well then how can we know the functionality difference ! > > plz guys ... let me know the tricky part here ! > > > > > > regards, > > Kamran Shakil > ITA NDC Operations Engineer > MidEast Data Systems LLC Oman > Cell: + 968 95804126 > Office: + 968 24576640 > http://www.mynameise.com/kamranshakil77 > > Confidentiality Warning: > "This message and any attachments are intended only for the use of the > intended recipient(s), are confidential, and may be privileged. If you are > not the intended recipient, you are hereby notified that any review, > retransmission, conversion to hard copy, copying, circulation or other use > of all or any portion of this message and any attachments is strictly > prohibited. If you are not the intended recipient, please notify the sender > immediately by return e-mail, and delete this message and any attachments > from your system." > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
