NAT Basics Flashcards
How is NAT enforced and on what?
enforced through NAT policies on address objects or IP addresses
At minimum NAT policy needs to specify what?
packet’s source zone and destination zone
in addition to zones, what can be matching criteriums? (3)
- destination interface
- source and destination address
- service
Security policies are applied to pre-NAT or post-NAT IP addresses?
security policies are applied to the original IP address (the pre-NAT address)
Security policies are enforced on pre-NAT or post-NAT zones?
security policies are enforced on the post-NAT zone
How are NAT rules evaluated?
from the top down, therefore once a packet matches the criteria of a single NAT rule, the packet is not subjected to additional NAT rules - means rules should be in order from most specific to least specific
Do static NAT rules have precedence over other forms of NAT?
no; static NAT rules must be above all other NAT rules in the list on the firewall