nat and firewall

Can the firewall on the router prevent nat from translating an address all on the same router.

Comments

  • xXErebuSxXErebuS Posts: 230Member
    dmarcisco wrote: »
    Can the firewall on the router prevent nat from translating an address all on the same router.


    Could you clarify? Are you saying you have a pool of addresses (192.168.1.0/24) that need translated to your public addresses (X.X.X.X/X) and you want to prevent host 192.168.1.24 from being translated?

    If so yes; its called NAT EXEMPTION but there are specific order of operations of which supercedes the other and is typically vendor / model specific.
  • mapletunemapletune Posts: 316Member
    In a nutshell, input access list is always checked first, then NAT, then output access list.

    Here's more information for your reference:
    NAT Order of Operation - Cisco Systems
    Studying: vmware, CompTIA Linux+, Storage+ or EMCISA
    Future: CCNP, CCIE
Sign In or Register to comment.