23-24
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 23 Configuring Network Address Translation
NAT Policies on Security Devices
Add/Edit Policy Dynamic Rules Dialog Box
Use the Add/Edit Policy Dynamic Rules dialog box to define and edit dynamic translation rules based
on source and destination addresses and services.
Navigation Path
You can access the Add/Edit Policy Dynamic Rules dialog box from the Policy Dynamic Rules tab. See
Policy Dynamic Rules Tab, page23-23 for more information.
Related Topics
Configuring NAT on PIX, FWSM, and pre-8.3 ASA Devices, page 23-17
Translation Rules: PIX, FWSM, and pre-8.3 ASA, page 23-18
Policy Dynamic Rules Tab, page23-23
Advanced NAT Options Dialog Box, page 23-28
Select Address Pool Dialog Box, page 23-22
Field Reference
Table23-10 Add/Edit Policy Dynamic Rules Dialog Box
Element Description
Enable Rule If checked, the rule is enabled. Deselect this option to disable the rule
without deleting it.
Original: Interface Enter the name of (or Select) the device interface to which the rule
applies.
Original: Sources Enter IP addresses for (or Select) the source hosts and network objects
to which the rule applies. Multiple entries must be separated by
commas.
Note that this parameter is displayed in the Policy Dynamic Rules table
under the column heading “Original Address.”
Translated: Pool Enter (or Select) the ID number of the pool of addresses used for
translation; clicking Select opens the Select Address Pool Dialog Box,
page 23-22.
Enter a value of zero to specify this as an identity NAT rule.
Translated: Direction The rule can be applied to Inbound or Outbound traffic, as specified
with this option.
Traffic flow: Destinations Enter IP addresses for (or Select) the destination hosts and network
objects to which the rule applies. Multiple entries must be separated by
commas.
Traffic flow: Services Enter (or Select) the services to which the rule applies. Multiple entries
must be separated by commas.
Category To assign the rule to a category, choose the category from this list.
Categories can help identify rules and objects using labels and
color-coding. See Using Category Objects, page6-12 for more
information.
Note No commands are generated for the Category attribute.