K-11
User Guide for Cisco Security Manager 3.2
OL-16066-01
AppendixK Router Platform User Interface Reference
NAT Policy Page
Advanced Applies only when using the Translated IP option for address translation.
Defines advanced options:
•No Alias—When selected, prohibits an alias from being created for the
global address.
The alias option is used to answer Address Resolution Protocol (ARP)
requests for global addresses that are allocated by NAT. You can disable
this feature for static entries by selecting the No alias check box.
When deselected, global address aliases are permitted.
•No Payload—When selected, prohibits an embedded address or port in
the payload from being translated.
The payload option performs NAT between devices on overlapping
networks that share the same IP address. When an outside device sends
a DNS query to reach an inside device, the local address inside the
payload of the DNS reply is translated to a global address according to
the relevant NAT rule. You can disable this feature by selecting the No
payload check box.
When deselected, embedded addresses and ports in the payload may be
translated, as described above.
•Create Extended Translation Entry—When selected, creates an
extended translation entry (addresses and ports). This enables you to
associate multiple global addresses with a single local address. This is
the default.
When deselected, creates a simple translation entry that allows you to
associate a single global address with the local address.
OK button Saves your changes locally on the client and closes the dialog box.
Note To save your changes to the Security Manager server so that they are
not lost when you log out or close your client, click Save on the
source page.
TableK-5 NAT Static Rule Dialog Box (Continued)