ASA and FTD Software: Network Address Translation Might Become Disabled – Software Upgrade Recommended


ASA Code: 9.12.4 through 9.16.2

FTD Code: 6.4.0 through

NAT stops translating source addresses after changes to object-groups in the manual NAT Rule

Problem Description

For some versions of Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software, Network Address Translation (NAT) might become disabled after the object-groups in the NAT rule settings are changed.


Cisco ASA and FTD software might not complete the layer 3 (L3) header of an updated source or destination address in the manual NAT rule that references the object-group with an updated nested object


Leave a Reply

Your email address will not be published. Required fields are marked *