Cisco Cisco FirePOWER Appliance 8140
12-8
FireSIGHT System User Guide
Chapter 12 Using NAT Policies
Managing NAT Policies
Creating a NAT Policy
License:
Control
Supported Devices:
Series 3
When you create a new NAT policy you must, at minimum, give it a unique name. Although you are not
required to identify policy targets at policy creation time, you must perform this step before you can
apply the policy; see
required to identify policy targets at policy creation time, you must perform this step before you can
apply the policy; see
. If you apply a NAT policy with no rules
to a device, the system removes all NAT rules from that device.
To create a NAT policy:
Access:
Admin/Network Admin
Step 1
Select
Devices > NAT
.
The NAT page appears.
Step 2
Click
New Policy
.
The New NAT Policy pop-up window appears.
Step 3
Give the policy a unique
Name
and, optionally, a
Description
.
You can use all printable characters, including spaces and special characters.
Step 4
Select the
Available Devices
where you want to apply the policy.
Use Ctrl and Shift to select multiple devices, or right-click to
Select All
. To narrow the devices that
appear, type a search string in the
Search
field. To clear the search, click the clear icon (
).
Step 5
Add the
Selected Devices
. You can click and drag, or you can click
Add to Policy
.
Step 6
Click
Save
.
copy a NAT policy
click the copy icon (
). See
for more
information.
view a PDF report that lists the current
configuration settings in a NAT policy
configuration settings in a NAT policy
click the report icon (
). See
more information.
compare NAT policies
click
Compare Policies
. See
for
more information.
delete a NAT policy
click the delete icon (
), then click
OK
, or click
Cancel
if you decide not to
delete the policy. When prompted whether to continue, you are also
informed if another user has unsaved changes in the policy.
informed if another user has unsaved changes in the policy.
Note
After you have applied a NAT policy to a managed device, you
cannot delete the policy from the device. Instead, you must apply a
NAT policy with no rules to remove the applied NAT rules from the
managed device. You also cannot delete a policy that is the last
applied policy on any of its target devices, even if it is out of date.
Before you can delete the policy completely, you must apply a
different policy to those targets.
cannot delete the policy from the device. Instead, you must apply a
NAT policy with no rules to remove the applied NAT rules from the
managed device. You also cannot delete a policy that is the last
applied policy on any of its target devices, even if it is out of date.
Before you can delete the policy completely, you must apply a
different policy to those targets.
Table 12-5
NAT Policy Management Actions (continued)
To...
You can...