NAT ACL CISCO ASA 2

lecarbajal · Aug 18, 2010

Hello,

I configured a acl for control the nat to the outside of the internet and also acl for denied the access to some services.

I would like to know which is the correct order when the ASA read the configuration.

1.- the ACL for the nat and then the ACL for denied some services ?
2.- the acl for denied the services and then the nat?

the acl for services is applied to a vlan inside in the ASA.

Thx

baddos · Aug 18, 2010

Applying an ACL to an interface simply permits or denies services based on that ACL. Applying an ACL in your nat commands just controls which ips get NAT.

unclerico · Aug 19, 2010

it sounds to me like the OP is asking about the order of operation (i.e. does the ACL get evaluated before the NAT process). if this is the case refer to this doc for the full order of operation:

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080133ddd.shtml

if not, forget i said anything

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

NAT ACL CISCO ASA 2

lecarbajal

MIS

baddos

MIS

unclerico

IS-IT--Management

Similar threads

Part and Inventory Search

Sponsor