26-21
Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12
Chapter26 Network Addres s Translation
Network Address Translation Rules
addresses of devices on a VPN, their translated addresses will not match the IPSec
rule used in the IPSec policy, and traffic will be sent unencrypted. You can view
route maps created by Cisco SDM or created using the CLI by cl icking the View
Route Maps button in the NAT window.
Direction
Choose the traffic direction for this rule.
From outside to inside
Choose this option if you want to translate incoming addresses to addresses that
will be valid on your LAN. You may want to do this when you are merging
networks and must make one set of incoming addresses compatible with an
existing set on the LAN served by the router.
This help topic describes how the remaining fields are used when From outsi de to
inside is chosen.
Translate from Interface
This area shows the interfaces from which packets needing address translation
come in to the router. It provides fields for you to specify the IP address of a single
host, or a network address and subnet mask that represent the hosts on a network.
Outside Interfaces
If you choose From outside to inside, this area contains the designated outside
interfaces.
Note If this area contains no interface names, close the Add Address Translation Rule
window, click Designate NAT interfaces in the NAT window, and designate the
router interfaces as inside or outside. Then return to this window and configure
the NAT rule.
IP Address
Do one of the following:
If you want to create a one-to-one static mapping between the outside global
address of a single remote host and a translated address, known as the outside
local address, enter the IP address for the remote host.