Which Auto NAT policies are processed first?
A. Dynamic with longest prefix
B. Dynamic with shortest prefix
C. Static with longest prefix
D. Static with shortest prefix
Answer: C
Explanation:
All packets processed by the ASA are evaluated against the NAT table. This evaluation starts at the top (Section 1) and works down until a NAT rule is matched. Once a NAT rule is matched, that NAT rule is applied to the connection and no more NAT policies are checked against the packet.
+ Section 1 – Manual NAT policies: These are processed in the order in which they appear in the configuration.
+ Section 2 – Auto NAT policies: These are processed based on the NAT type (static or dynamic) and the prefix (subnet mask) length in the object.
+ Section 3 – After-auto manual NAT policies: These are processed in the order in which they appear in the configuration.
Source: http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generationfirewalls/116388-technote-nat-00.html