Object Selectors, page F-593 | Cisco Systems OL-16066-01 guide

Appendix K Router Platform User Interface Reference

NAT Policy Page

	Field Reference
Table K-7	NAT Dynamic Rule Dialog Box

Element		Description

Traffic Flow		Access List—The extended ACL that specifies the traffic requiring dynamic
		translation. Enter the name of an ACL object, or click Select to display an
		Object Selectors, page F-593.
		If the ACL you want is not listed, click the Create button in the selector to
		display the dialog box for defining an extended ACL object. For more
		information, see Add and Edit Extended Access List Pages, page F-34.
		Note Make sure that the ACL you select does not permit the translation of
		Security Manager management traffic over any device address on
		this router. Translating this traffic will cause a loss of
		communication between the router and Security Manager.

Translated Address		The method for performing dynamic address translation:
		• Interface—The router interface used for address translation. PAT is used
		to distinguish each host on the network. Enter the name of an interface
		or interface role, or click Select to display an Object Selectors,
		page F-593.
		If the interface role you want is not listed, click the Create button in the
		selector to display the Interface Role Dialog Box, page F-464. From
		here you can create an interface role object.
		• Address Pool—Translates addresses using a set of addresses defined in
		an address pool. Enter one or more address ranges, including the prefix,
		using the format min1-max1/prefix (in CIDR notation). You can add as
		many address ranges to the address pool as required, but all ranges must
		share the same prefix. Separate multiple entries with commas.

Enable Port Translation		When selected, the router uses port addressing (PAT) if the pool of available
(Overload)		addresses runs out.
		When deselected, PAT is not used.
		Note PAT is selected by default when you use an interface on the router as
		the translated address.

	User Guide for Cisco Security Manager 3.2
K-14	OL-16066-01

Image 14

Cisco Systems OL-16066-01 appendix Object Selectors, page F-593

Contents

Router Platform User Interface Reference CPU Policy Page, page K-107 Dhcp Policy Page, page K-167 NTP Policy Page, page K-174 For more information, see NAT on Cisco IOS Routers, NAT Page-Interface Specification TabNAT Policy Chapter K, Router Platform User Interface Reference Edit Interfaces Dialog Box-NAT Inside Interfaces Related Topics Edit Interfaces Dialog Box-NAT Outside Interfaces Field Reference NAT Page-Static Rules Tab NAT Static Rule Dialog Box Information, see Filtering Tables, Disabling the Alias Option for Attached Subnets, Basic Interface Settings on Cisco IOS Routers,Defining Static NAT Rules, Disabling the Payload Option for Overlapping Networks, Table K-5 NAT Static Rule Dialog Box Table K-5 NAT Static Rule Dialog Box Appendix K Router Platform User Interface Reference For more information, see Defining Dynamic NAT Rules, NAT Page-Interface Specification Tab, page K-3NAT Page-Dynamic Rules Tab NAT Dynamic Rule Dialog Box Object Selectors, page F-593 F-593 NAT Page-Timeouts Tab Specifying NAT Timeouts, Router Interfaces Table Columns and Column Heading Features, Create Router Interface Dialog Box Enabled Type Name Parent Discontiguous Network Masks, BRI, PRI Isdn Table K-10 Create Router Interface Dialog Box MTU Vlan ID Interface Auto Name Generator Dialog Box Dlci Advanced Interface Settings Available Interface Types, CDP Advanced Interface Settings Dialog Box You can create an interface role object For more information, see Understanding Helper Addresses, Eguide09186a00804247fc.htmlSelectors, page F-593 Cisco Discovery Protocol settings Table K-13 Advanced Interface Settings Dialog Box 00800a3ded.shtml Fragreassmps6441TSDProductsConfigurationGuideChapter.htmlVFR ACL AIM-IPS Interface Settings IPS Monitoring Information Dialog Box Dialer Policy Configuring Dial Backup, SPID2 Dialer Profile Dialog BoxSPID1 Table K-17 Dialer Profile Dialog Box Dialer Physical Interface Dialog Box Isdn BRI Adsl Policy Adsl on Cisco IOS Routers, Adsl Settings Dialog Box Defining Adsl Settings, PVC Policy Page, page K-54 Supported by each card type may cause deployment to fail Table K-20 Adsl Settings Dialog Box Shdsl Policy Shdsl on Cisco IOS Routers, Edit the selected DSL controller definition Dialog Box, page K-53 Shdsl Controller Dialog BoxDefining Shdsl Controllers, User Guide for Cisco Security Manager CPE Table K-22 Shdsl Dialog Box Controller Auto Name Generator Dialog Box PVC Policy PVC OAM PVC IDPVC OAM-PVC PVC Dialog Box Defining ATM PVCs, Table K-25 PVC Dialog Box Inverse ARP. See PVC Dialog Box-Protocol Tab, page K-67 PVC Dialog Box-Settings Tab, page K-59PVC. See PVC Dialog Box-QoS Tab, page K-63 PVC Dialog Box-Settings Tab Ilmi VPIVCI PVC Resources are freed for other dial-in users PPP PVC Dialog Box-QoS TabDialog Box-Protocol Tab, page K-67 Quality of Service Policy Page, page K-199 Understanding Policing and Shaping Parameters, CBR Service Classes,ABR VBR-NRT UBRUBR+ VBR-RT PVC Dialog Box-Protocol Tab Define Mapping Dialog Box PVC Dialog Box, page K-56 Defining ATM PVCs, PVC Advanced Settings Dialog Box Type for the PVC. See PVC Dialog Box-Settings Tab, page K-59 Advanced Settings Dialog Box-OAM-PVC Tab, page K-73 PVC Advanced Settings Dialog Box-OAM TabAdvanced Settings Dialog Box-OAM Tab, page K-70 Go to the PVC Dialog Box, page K-56, then click Advanced PVC Dialog Box, page K-56 Table K-31 PVC Advanced Settings Dialog Box-OAM Tab PVC Advanced Settings Dialog Box-OAM-PVC Tab OAM-PVC tab Table K-32 PVC Advanced Settings Dialog Box-OAM-PVC Tab Table K-32 PVC Advanced Settings Dialog Box-OAM-PVC Tab PPP/MLP Policy Table K-33 PPP/MLP PPP Dialog Box Defining PPP Connections, Connection. See PPP Dialog Box-PPP Tab, page K-80 PPP Dialog Box-MLP Tab, page K-84 PPP Dialog Box-PPP TabTab, page K-84 Table K-35 PPP Dialog Box-PPP Tab It for other PPP connections on this device Chap Authentication settings MLP PPP Dialog Box-MLP TabPPP Dialog Box-PPP Tab, page K-80 Advance None-Negotiation is conducted without using an endpoint AAA Policy AAA Page-Authentication Tab Defining AAA Services, AAA Server Group Dialog Box, page F-12 Predefined AAA Authentication Server Groups,Understanding Method Lists, AAA Page-Authorization Tab Information, see Filtering Tables, Command Authorization Dialog Box AAA Page-Accounting Tab Table K-41 AAA Page-Accounting Tab See description Table N-91 on page N-131 Command Accounting Dialog Box Server groups configured with TACACS+ Accounts and Credential s Policy Table K-43 Accounts and Credentials User Account Dialog Box 100 User Accounts and Device Credentials on Cisco IOS Routers, Understanding FlexConfig Objects,Defining Accounts and Credential Policies, MD5 102 Bridging PolicyBridging on Cisco IOS Routers, Bridge Group Dialog Box 103 Clock Policy 104 105 106 CPU Policy 107 108 109 Http Policy 110 111 Http Page-Setup TabHttp and Https on Cisco IOS Routers, 112 Http Page-AAA TabHttps Http Page-Setup Tab, page K-111 113 114 115 AAA Policy Page, page K-87 Command Authorization Override Dialog BoxHttp Policy Page, page K-110 116 Console Policy 117 118 Console Page-Setup TabVTY Line Dialog Box-Setup Tab, page K-132 119 120 Console Page-Authentication Tab 121 Page-Authentication Tab, page K-88 122 Console Page-Authorization Tab 123 124 Console Page-Accounting Tab 125 126 Page-Accounting Tab, page K-93 127 128 VTY Policy 129 130 VTY Line Dialog Box Line Access on Cisco IOS Routers,Dialog Box-Setup Tab, page K-132 131 Console Page-Setup Tab, page K-118 VTY Line Dialog Box-Setup TabDefining VTY Line Setup Parameters, 132 133 Policy. See Http Page-Setup Tab, page K-111 134 135 VTY Line Dialog Box-Authentication Tab 136 VTY Line Dialog Box-Authorization Tab 137 Page-Authorization Tab, page K-90 138 VTY Line Dialog Box-Accounting Tab 139 140 141 142 143 Command Authorization Dialog Box-Line AccessConsole Policy Page, page K-117 VTY Policy Page, page K-129 Level. See Command Accounting Dialog Box, page K-96 144 Command Accounting Dialog Box-Line Access 145 146 Secure Shell Policy 147 Box-Setup Tab, page K-132 148 149 Snmp PolicyFor more information, see Defining Snmp Agent Properties, Snmp on Cisco IOS Routers, 150 151 Permission Dialog BoxGenerate. See Snmp Traps Dialog Box, page K-155 Defining Snmp Agent Properties, Trap Receiver Dialog Box, page K-153Snmp Traps Dialog Box, page K-155 152 153 Trap Receiver Dialog BoxPermission Dialog Box, page K-151 154 Snmp Traps Dialog Box 155 For more information, see Understanding IKE, 156 157 DNS Policy 158 159 IP Host Dialog BoxDNS on Cisco IOS Routers, 160 Hostname PolicyHostnames and Domain Names on Cisco IOS Routers, 161 For more information, see Defining Router Memory Settings,Memory Policy 162 163 Secure Device Provisioning PolicySecure Device Provisioning on Cisco IOS Routers, Understanding PKI Enrollment Objects, Administrative Introducers,Secure Device Provisioning Workflow, Click Select to display an Object Selectors, page F-593 165 166 Dhcp on Cisco IOS Routers, Dhcp PolicyFor more information, see Defining Dhcp Policies, 167 168 To display an Object Selectors, page F-593Definition, page 9-153and Supported IP Address Formats, 169 IP Pool Dialog Box, page K-171 Dhcp Database Dialog BoxDefining Dhcp Policies, 170 IP Pool Dialog Box 171 Select to display an Object Selectors, page F-593 172 Ddhhmm 173 174 NTP PolicyFor more information, see Defining NTP Servers, NTP Server Dialog Box, page K-176 175 NTP Server Dialog Box 176 Policy Page, page K-174 177 K-174 178 179 802.1x PolicyFor more information, see Defining 802.1x Policies, 180 Or click Add to display an Object Selectors, page F-593Defined here. See PPP Dialog Box, page K-78 181 182 183 Network Admission Control Page-Setup TabNetwork Admission Control Policy Defining NAC Setup Parameters, 184 185 Configuration Dialog Box, page K-187More information, see Working with Access Rules, Defining NAC Interface Parameters, Network Admission Control Page-Setup Tab, page K-183Network Admission Control Page-Interfaces Tab 186 NAC Interface Configuration Dialog Box 187 Page, page F-31 188 189 Network Admission Control Page-Identities TabDefining NAC Identity Parameters, NAC Identity Profile Dialog Box 190 Actions, see NAC Identity Action Dialog Box, page K-191 NAC Identity Action Dialog BoxNAC Identity Action Dialog Box, page K-191 NAC Identity Profile Dialog Box, page K-190 Box, page K-190 Logging Setup PolicyIntercept ACL. See NAC Interface Configuration Dialog Box K-187 193 Information, see -5 on 194 195 196 197 Syslog Servers PolicyFor more information, see Defining Syslog Servers, 198 Syslog Server Dialog BoxXML Logging on Cisco IOS Routers, Quality of Service PolicyDefining Syslog Servers, Understanding Network/Host Objects, CIR Defining QoS Policies,Understanding Control Plane Policing, 200 201 202 K-205 Quality of Service on Cisco IOS Routers,QoS Policy Dialog Box 203 204 QoS Class Dialog Box 205 206 Dialog Box-Policing Tab, page K-214 Box-Matching Tab, page K-208Box-Queuing and Congestion Avoidance Tab, page K-212 Tab, page K-217 QoS Class Dialog Box-Matching Tab 208 Classes, page K-210 DscpF-593. For more information, see Edit ACLs Dialog Box-QoS 209 210 Edit ACLs Dialog Box-QoS ClassesDefining QoS Class Matching Parameters, QoS Class Dialog Box-Marking Tab 211 QoS Class Dialog Box-Queuing and Congestion Avoidance Tab 212 213 QoS Class Dialog Box-Policing Tab 214 215 216 QoS Class Dialog Box-Shaping Tab 217 218 BGP Routing Policy 219 Supported IP Address Formats, BGP Page-Setup TabDefining BGP Routes, 220 Dialog Box, page K-222 221 Neighbors Dialog Box 222 Redistributing Routes into BGP, BGP Page-Setup Tab, page K-220BGP Page-Redistribution Tab 223 BGP Redistribution Mapping Dialog Box 224 225 226 Eigrp Page-Setup TabEigrp Routing Policy Eigrp Setup Dialog Box 227 Defining Eigrp Routes, 228 Edit Interfaces Dialog Box-EIGRP Passive Interfaces Eigrp Page-Setup Tab, page K-226Eigrp Page-Interfaces Tab 229 Defining Eigrp Interface Properties, 230 231 Systems, see Eigrp Setup Dialog Box, page K-227Eigrp Interface Dialog Box Eigrp Page-Redistribution Tab 232 233 Page-Redistribution Tab, page K-223 Eigrp Redistribution Mapping Dialog BoxRedistributing Routes into EIGRP, 234 235 Ospf Interface Policy 236 237 Ospf Routing on Cisco IOS Routers, Defining Ospf Interface Settings,Ospf Interface Dialog Box 238 239 240 241 Objects, 242 243 Ospf Process Page-Setup TabOspf Process Policy Defining Ospf Process Settings, 244 Ospf Setup Dialog Box 245 246 Ospf Process Page-Setup Tab, page K-243Edit Interfaces Dialog Box-OSPF Passive Interfaces 247 Defining Ospf Area Settings,Ospf Process Page-Area Tab Ospf Area Dialog Box 248 Ospf Process Page-Redistribution Tab 249 250 Ospf Redistribution Mapping Dialog Box 251 252 253 K-243 Ospf Max Prefix Mapping Dialog BoxOspf Redistribution Mapping Dialog Box, page K-251 254 255 RIP Page-Setup TabRIP Routing Policy 256 Defining RIP Setup Parameters,An Object Selectors, page F-593 257 RIP Page-Authentication TabEdit Interfaces Dialog Box-RIP Passive Interfaces 258 Defining RIP Interface Authentication Settings,RIP Page-Setup Tab, page K-255 RIP Authentication Dialog Box 259 260 Redistribution tab. See RIP Page-Setup Tab, page K-255RIP Page-Redistribution Tab 261 RIP Redistribution Mapping Dialog BoxRedistributing Routes into RIP, 262 263 Static Routing PolicyStatic Routing on Cisco IOS Routers, Static Routing Dialog Box 264 Defining Static Routes, 265 266 267 268