CHAPT ER
29-1
Cisco ASA 5500 Series Configuration Guide using the CLI
29
Information About NAT
This chapter provides an overview of how Network Address Translation (NAT) works on the ASA. This
chapter includes the following sections:
Why Use NAT?, page29-1
NAT Terminology, page29-2
NAT Types, page29-3
NAT in Routed and Transparent Mode, page29-12
NAT for VPN, page29-14
How NAT is Implemented, page29-16
NAT Rule Order, page29-20
Routing NAT Packets, page29-21
DNS and NAT, page29-24
Where to Go Next, page29-27
Note To start configuring NAT, see Chapter 30, “Configuring Network Object NAT, or Chapter 31,
“Configuring Twice NAT.”

Why Use NAT?

Each computer and device within an IP network is assigned a unique IP address that identifies the host.
Because of a shortage of public IPv4 addresses, most of these IP addresses are private, not routable
anywhere outside of the private company network. RFC 1918 defines the private IP addresses you can
use internally that should not be advertised:
10.0.0.0 through 10.255.255.255
172.16.0.0 through 172.31.255.255
192.168.0.0 through 192.168.255.255