ryan80
asked on
asa static command using a network instead of host
I was looking over the config of an ASA and saw a static command that I am not familiar with what it does:
static (dmz,outside) 10.5.5.0 access-list nonat_dmz
where the access list nonat_dmz permits traffic from the dmz network to all of the remote networks connected through a L2L vpn.
What exactly does this command do?
static (dmz,outside) 10.5.5.0 access-list nonat_dmz
where the access list nonat_dmz permits traffic from the dmz network to all of the remote networks connected through a L2L vpn.
What exactly does this command do?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Yes, both your assumptions are correct :)
ASKER
Also when using this command, it will be a nat with the same address in the host bits? for example lets just say that the DMZ was actually 10.6.6.0. So if traffic coming from 10.6.6.100 was sent to those networks defined in the ACL, they would see the traffic coming from 10.5.5.100? The question being that the .100 would be the same for the originating address and the nat'ed address?