[OSL | CCIE_Security] ASA 8.4 dynamic PAT

2013-06-18 Thread Joe Astorino
Hi guys, Just starting down the road of the new ASA NAT. I have a simple question. I see there are 2 ways you can do dynamic PAT 1) Auto NAT object network obj_any subnet 0.0.0.0 0.0.0.0 nat (inside,outside) dynamic interface 2) Manual NAT nat (inside,outside) source dynamic any interface

Re: [OSL | CCIE_Security] ASA 8.4 dynamic PAT

2013-06-18 Thread Piotr Kaluzny
Joe Auto-NAT is for simple source translations and/or redirection. Manual NAT is what you have to use when you want to add some policy/conditions to the equation, like when you want to only translate packets going to a particular destination Regards, -- Piotr Kaluzny CCIE #25665 (Security),

Re: [OSL | CCIE_Security] ASA 8.4 dynamic PAT

2013-06-18 Thread SAM
| CCIE_Security] ASA 8.4 dynamic PAT Hi guys, Just starting down the road of the new ASA NAT. I have a simple question.  I see there are 2 ways you can do dynamic PAT 1) Auto NAT object network obj_any  subnet 0.0.0.0 0.0.0.0  nat (inside,outside) dynamic interface 2) Manual NAT nat (inside,outside

Re: [OSL | CCIE_Security] ASA 8.4 dynamic PAT

2013-06-18 Thread James K Keddington II
: Tuesday, June 18, 2013 10:14 AM To: OSL Security Subject: [OSL | CCIE_Security] ASA 8.4 dynamic PAT Hi guys, Just starting down the road of the new ASA NAT. I have a simple question. I see there are 2 ways you can do dynamic PAT 1) Auto NAT object network obj_any subnet 0.0.0.0 0.0.0.0 nat

Re: [OSL | CCIE_Security] ASA 8.4 dynamic PAT

2013-06-18 Thread Mike Rojas
need it, but it would be nice to remember): https://supportforums.cisco.com/docs/DOC-9129 Hope it helps. Mike Date: Tue, 18 Jun 2013 12:13:43 -0400 From: joeastorino1...@gmail.com To: ccie_security@onlinestudylist.com Subject: [OSL | CCIE_Security] ASA 8.4 dynamic PAT Hi guys, Just starting

Re: [OSL | CCIE_Security] ASA 8.4 dynamic PAT

2013-06-18 Thread Anthony Sequeira
: ccie_security@onlinestudylist.commailto:ccie_security@onlinestudylist.com | CCIE security ccie_security@onlinestudylist.commailto:ccie_security@onlinestudylist.com Subject: Re: [OSL | CCIE_Security] ASA 8.4 dynamic PAT Joe Auto-NAT is for simple source translations and/or redirection. Manual NAT

Re: [OSL | CCIE_Security] ASA 8.4 dynamic PAT

2013-06-18 Thread Joe Astorino
: Piotr Kaluzny pio...@ipexpert.com Date: Tuesday, June 18, 2013 12:45 PM To: joeastorino1982 joeastorino1...@gmail.com Cc: ccie_security@onlinestudylist.com | CCIE security ccie_security@onlinestudylist.com Subject: Re: [OSL | CCIE_Security] ASA 8.4 dynamic PAT Joe Auto-NAT is for simple source

Re: [OSL | CCIE_Security] ASA 8.4 dynamic PAT

2013-06-18 Thread Joe Astorino
. :-\ From: Piotr Kaluzny pio...@ipexpert.com Date: Tuesday, June 18, 2013 12:45 PM To: joeastorino1982 joeastorino1...@gmail.com Cc: ccie_security@onlinestudylist.com | CCIE security ccie_security@onlinestudylist.com Subject: Re: [OSL | CCIE_Security] ASA 8.4 dynamic PAT Joe Auto-NAT

Re: [OSL | CCIE_Security] ASA 8.4 dynamic PAT

2013-06-18 Thread Samarth Chidanand
...@onlinestudylist.com] On Behalf Of Joe Astorino Sent: Wednesday, June 19, 2013 2:25 AM To: Anthony Sequeira Cc: OSL Security Subject: Re: [OSL | CCIE_Security] ASA 8.4 dynamic PAT I actually ran into this because I have a situation with an ASA that has 2 different ISP connections. I need