165.201.15 209.165.201.15 netmask
255.255.255.255
NAT Exemption (nat 0 with ACL)
NAT Exemption (nat 0 access-list) is similar to Identity NAT. The main differentiator is that NAT Exemption
allows bidirectional communication. NAT Exemption allows both translated and remote hosts to initiate
connections.
Figure 6-17 shows how to configure NAT Exemption. The NAT engine will not perform address translation for the
inside hosts in 209.165.201.0/27 network, and they will remain the same because they exit out to another
interface. Users on the Outside network (destination-side) are also able to initiate connection to a host in the
209.165.201.0/27 network.
Figure 6-17. NAT Exemption
Policy NAT
Policy NAT is similar to static NAT. However, it allows for defining a conditional criterion to check the source
address and the destination address to determine address translation. With this feature, a source address
translation can vary, subject to a different destination. For example:
Host A communicating to Server A translate to Public_IP_A
Host A communicating to Server B translate to Public_IP_B
Policy NAT allows identification of local traffic for address translation by specifying the combination of source
and destination addresses (or ports) by using an access list.
Pages:
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306