Even today, these changes still surprise people when upgrading from 8.2 to 8.3 or later and many people have a hard time understanding these changes. However, these changes are actually a good thing as it gives you more granular control over the NAT function(s) that your Cisco ASA performs.

I have compiled a list of differences as shown below to help you understand the configurational differences between pre-v8.3 and post-v8.3 NAT configurations.

First we will start with STATIC NAT which is translation from one IP Address on the outside interface (203.0.113.20) to an IP Address on the inside interface (10.1.1.6)

Regular Static NAT 8.2 & Earlier

static (inside,outside) 203.0.113.20 10.1.1.6 netmask 255.255.255.255

Regular Static NAT 8.3 & Later

object network obj-10.1.1.6
 host 10.1.1.6
 nat (inside,outside) static 203.0.113.20

Next up is the Static PAT where we translate port 80 on the outside interface IP Address of 203.0.113.20 to inside IP 10.1.1.15 port 8080.

Regular Static PAT 8.2 & Earlier

static (inside,outside) tcp 203.0.113.20 80 10.1.1.15 8080 netmask 255.255.255.255

Regular Static PAT 8.3 & Later

object network obj-10.1.1.15
 host 10.1.1.16
 nat (inside,outside) static 203.0.113.20 service tcp 8080 www

Now we’ll take a look at Static Policy NAT where if the host IP Address 10.1.2.3 attempting to get to the subnet 10.75.7.0/27 gets NAT’d to 192.168.100.100 on the outside interface.

Static Policy NAT 8.2 & Earlier

access-list NET1 permit ip host 10.1.2.3 10.75.7.0 255.255.255.224
!
static (inside,outside) 192.168.100.100 access-list NET1

Static Policy NAT 8.3 & Later

object network obj-10.1.2.3
 host 10.1.2.3
object network obj-192.168.100.100
 host 192.168.100.100
object network obj-10.75.7.0
 subnet 10.75.7.0 255.255.255.224
nat (inside,outside) source static obj-10.1.2.3 obj-192.168.100.100 destination static obj-10.75.7.0 obj-10.75.7.0