23-21
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter2 3 Configuring Network Address Translation
NAT Policies on Security Devices
Dynamic Rules Tab
Use the Dynamic Rules tab of the Translation Rules page to view and configure dynamic NAT and PAT
rules. Rules are evaluated sequentially in the order listed. The row number indicates the rule’s position
in the ordering of the list. You can use the Up Row and Down Row buttons to change the position of the
selected rule.
With dynamic NAT, internal IP addresses are dynamically translated using IP addresses from a pool of
global addresses. With dynamic PAT, internal IP addresses are translated to a single mapped address by
using dynamically assigned port numbers with the mapped address. Dynamic translations are often used
to map local RFC 1918 IP addresses to addresses that are Internet-routable.
The Add/Edit Dynamic Translation Rule dialog box is used to add and edit these rules. Refer to Add/Edit
Dynamic Translation Rule Dialog Box, page 23-21 for descriptions of the fields displayed in the table
on this page.
Note Dynamic translation rules are only supported by PIX, ASA and FWSM devices in router mode, and
FWSM 3.2 devices in transparent mode. Other devices in transparent mode support only static
translation rules.
Navigation Path
You can access the Dynamic Rules tab from the Translation Rules page. For more information about the
Translation Rules page, see Translation Rules: PIX, FWSM, and pre-8.3 ASA, page 23-18.
Note By default, only standard Dynamic Rule elements are displayed in this table. Additional columns for
elements defined in the Advanced NAT Options dialog box can be displayed by right-clicking any
column heading. (All columns are displayed by default on the General Tab, page23-30.)
Related Topics
Configuring NAT on PIX, FWSM, and pre-8.3 ASA Devices, page 23-17
Advanced NAT Options Dialog Box, page 23-28
Select Address Pool Dialog Box, page 23-22
General Tab, page23-30
Standard rules table topics:
Using Rules Tables, page12-7
Filtering Tables, page1-45
Table Columns and Column Heading Features, page1-46

Add/Edit Dynamic Translation Rule Dialog Box

Use the Add/Edit Dynamic Translation Rule dialog box to define and edit dynamic NAT and PAT rules.
Navigation Path
You can access the Add/Edit Dynamic Translation Rule dialog box from the Dynamic Rules tab. See
Dynamic Rules Tab, page 23-21 for more information.
Related Topics
Configuring NAT on PIX, FWSM, and pre-8.3 ASA Devices, page 23-17