nat and firewall

UnknownUnknown
in CCNA & CCENT
Can the firewall on the router prevent nat from translating an address all on the same router.
· Share on FacebookShare on Twitter

Comments

  • xXErebuSxXErebuS Member Posts: 230
    dmarcisco wrote: »
    Can the firewall on the router prevent nat from translating an address all on the same router.


    Could you clarify? Are you saying you have a pool of addresses (192.168.1.0/24) that need translated to your public addresses (X.X.X.X/X) and you want to prevent host 192.168.1.24 from being translated?

    If so yes; its called NAT EXEMPTION but there are specific order of operations of which supercedes the other and is typically vendor / model specific.
    · Share on FacebookShare on Twitter
  • mapletunemapletune Member Posts: 316
    In a nutshell, input access list is always checked first, then NAT, then output access list.

    Here's more information for your reference:
    NAT Order of Operation - Cisco Systems
    Studying: vmware, CompTIA Linux+, Storage+ or EMCISA
    Future: CCNP, CCIE
    · Share on FacebookShare on Twitter
Sign In or Register to comment.