Mar 27, 2015

Dynamic NAT and no matching global

The ASA translates an address when a NAT rule matches the traffic. If no NAT rule matches, processing for the packet continues. A single dynamic NAT overload rule is created with the following commands:

nat (inside) 1 192.168.0.0 255.255.255.0
global (outside) 1 interface


Therefore, any packet coming from 192.168.0.0/24 and going to the Internet is translated to the outside interface address.

However, ASA 8.2 adds the following entries to the NAT table when you have multiple active interfaces and a nat statement is defined:

match ip inside 192.168.0.0 255.255.255.0  outside any
    dynamic translation to pool 1 (192.0.2.1 [Interface PAT])
match ip inside 192.168.0.0 255.255.255.0  DMZ any
    dynamic translation to pool 1 (No matching global)
match ip inside 192.168.0.0 255.255.255.0  Guest any
    dynamic translation to pool 1 (No matching global)


It creates translation conditions for all the active interfaces, but if global statements are not defined for all of them, packets matching those entries are dropped due to "no matching global". In other words, the translation rule is incomplete and the ASA cannot process the packet.
So if we have traffic going to networks connected to the other interfaces and translation is not required, we must create additional rules to handle the exceptions (NAT exempt, NAT 0 or NONAT rules).
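A quick way to audit an 8.2 box for this condition is to parse the `show nat`-style table above and list every entry whose translation detail reads "No matching global". The script below is an added example, not part of the original post; it works on a constructed copy of the table shown above, and the entry layout (a `match ip` line followed by an indented `dynamic translation` line) is assumed from that output.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample, copied from the ASA 8.2 table discussed above.
SAMPLE_SHOW_NAT = """\
match ip inside 192.168.0.0 255.255.255.0  outside any
    dynamic translation to pool 1 (192.0.2.1 [Interface PAT])
match ip inside 192.168.0.0 255.255.255.0  DMZ any
    dynamic translation to pool 1 (No matching global)
match ip inside 192.168.0.0 255.255.255.0  Guest any
    dynamic translation to pool 1 (No matching global)
"""

# "match ip <src_if> <src_net> <src_mask>  <dst_if> <dst>"
MATCH_RE = re.compile(
    r"^match ip (?P<src_if>\S+) (?P<src_net>\S+) (?P<src_mask>\S+)"
    r"\s+(?P<dst_if>\S+) (?P<dst>.+)$"
)
# "    dynamic translation to pool <n> (<detail>)"
XLATE_RE = re.compile(
    r"^\s+dynamic translation to pool (?P<pool>\d+) \((?P<detail>[^)]*)\)$"
)


def parse_nat_table(text: str) -> List[Dict[str, str]]:
    """Pair each 'match ip' line with the translation line that follows it."""
    entries: List[Dict[str, str]] = []
    current = None
    for line in text.splitlines():
        m = MATCH_RE.match(line)
        if m:
            current = m.groupdict()
            entries.append(current)
            continue
        x = XLATE_RE.match(line)
        if x and current is not None:
            current["pool"] = x.group("pool")
            current["detail"] = x.group("detail")
    return entries


def incomplete_entries(text: str) -> List[Tuple[str, str, str]]:
    """(src_if, dst_if, pool) for every entry that drops traffic: no global
    for that interface pair, or no translation line at all."""
    return [
        (e["src_if"], e["dst_if"], e.get("pool", "?"))
        for e in parse_nat_table(text)
        if e.get("detail", "No matching global") == "No matching global"
    ]


if __name__ == "__main__":
    for src_if, dst_if, pool in incomplete_entries(SAMPLE_SHOW_NAT):
        print(f"{src_if} -> {dst_if}: pool {pool} has no global; add a global "
              f"on {dst_if} or a nat 0 exemption")
```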

ASA 8.3 and later releases do not create those additional translation conditions, so NAT exempt rules for the other interfaces are not required. This is the NAT table on the newer releases for the scenario described above:

1 (inside) to (outside) source dynamic net-192.168.0.0-24 interface