NAT rule 0

[accesslimiter]

Can anyone elaborate on the specifics behind "additional NAT rule 0"? Or point me to any docs concerning this? All my searches have turned up nothing on "NAT rule 0". Thanks,

[gavvys]

According to me NAT 0 specifies that when you do not want to NAT the traffic.

[cciesec2006]

Seems like accesslimiter comes from a Cisco environment. NAT 0, identity NAT,
nat exemption, Port Address Translation (PAT), etc...

Just one thing to keep in mind, checkpoint will do:

1- NAT
2- Encrypt
3- route

cisco will do the following:

1- NAT
2- route
3- encrypt

[chillyjim]

Quote:

Originally Posted by cciesec2006

Just one thing to keep in mind, checkpoint will do:

1- NAT
2- Encrypt
3- route

True for "Domain based VPN" for "Route Based VPN" 2 and 3 are switched.

[accesslimiter]

No I am pretty much a CP guy, 9 years and running. CP logs will show you NAT rule 0 entries and I am trying to figure out what circumstances would cause a NAT rule 0, no docs that I can find on this. I do see this with VPN routing and when selcting within a community not to NAT between enc domains. I also see this with no VPN, recently I ran into case a routing mistake which in turn was throwing up the "addtional NAT rule 0".