<div>
on this ASA, the 10.5.5.0 network is the DMZ network. So basically it should be exempt from NATing when going to the networks defined by the access list?<br />
<br />
Also when using this command, it will be a nat with the same address in the host bits? for example lets just say that the DMZ was actually 10.6.6.0. So if traffic coming from 10.6.6.100 was sent to those networks defined in the ACL, they would see the traffic coming from 10.5.5.100? The question being that the .100 would be the same for the originating address and the nat'ed address?
</div>


on this ASA, the 10.5.5.0 network is the DMZ network. So basically it should be exempt from NATing when going to the networks defined by the access list?

Also when using this command, it will be a nat with the same address in the host bits? for example lets just say that the DMZ was actually 10.6.6.0. So if traffic coming from 10.6.6.100 was sent to those networks defined in the ACL, they would see the traffic coming from 10.5.5.100? The question being that the .100 would be the same for the originating address and the nat'ed address?

<div>
Yes, both your assumptions are correct :)
</div>


Yes, both your assumptions are correct :)

<div>
<div class="content wysiwyg-content">
I was looking over the config of an ASA and saw a static command that I am not familiar with what it does:<br />
<br />
static (dmz,outside) 10.5.5.0 access-list nonat_dmz<br />
<br />
where the access list nonat_dmz permits traffic from the dmz network to all of the remote networks connected through a L2L vpn.<br />
<br />
What exactly does this command do?
</div>
</div>


I was looking over the config of an ASA and saw a static command that I am not familiar with what it does:

static (dmz,outside) 10.5.5.0 access-list nonat_dmz

where the access list nonat_dmz permits traffic from the dmz network to all of the remote networks connected through a L2L vpn.

What exactly does this command do?

asa static command using a network instead of host

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).

Cisco

Network Management involves issues that are independent of specific hardware or software, including email policies, upgrade planning, backup scheduling and working with managed service providers for Desktop-As-A-Service (DaaS), Software-As-A-Service (SaaS) and the like through the use of tools, coupled with manufacturer standards, best practice guidelines, policies and procedures plus all other relevant documentation. Network management also includes monitoring, alerting and reporting, management reporting, planning for device or service updates, the backup of configurations, the setting of key performance indicators and measures (KPIs/KPMs), associated service level agreements and problem records as part of the IT Service Management (ITSM) framework.

Network Management

Network Operations includes asset management, help-desk supervision, security and user policies, infrastructure administration and anything else that affects the operation of your network. Discussions will include those of best practices in platforms, configurations, performance, security and accounting.