ryan80


ASA static command using a network instead of a host

I was looking over the config of an ASA and saw a static command, and I am not familiar with what it does:

static (dmz,outside) 10.5.5.0 access-list nonat_dmz

where the access list nonat_dmz permits traffic from the DMZ network to all of the remote networks connected through an L2L VPN.

What exactly does this command do?
ryan80

ASKER

On this ASA, the 10.5.5.0 network is the DMZ network. So basically it should be exempt from NATing when going to the networks defined by the access list?

Also, when using this command, will it be a NAT with the same address in the host bits? For example, let's just say that the DMZ was actually 10.6.6.0. So if traffic coming from 10.6.6.100 was sent to those networks defined in the ACL, they would see the traffic coming from 10.5.5.100? The question being that the .100 would be the same for the originating address and the NAT'ed address?
Ernie Beek

Yes, both your assumptions are correct :)
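
Added example (not part of the original thread, and not Cisco code): a small Python model of the two points confirmed above, that the policy static only applies toward destinations permitted by the ACL and that a network static swaps the network bits while keeping the host bits. The /24 mask and the remote L2L networks are assumptions, since the thread gives neither; the function names are hypothetical.

```python
import ipaddress

# Constructed sample: the thread does not list the remote L2L networks.
REMOTE_NETS = [ipaddress.ip_network("192.168.50.0/24"),
               ipaddress.ip_network("172.16.8.0/22")]


def _swap_network(addr, from_net, to_base):
    """Keep addr's host bits, replace its network bits with to_base's."""
    host_bits = int(addr) & int(from_net.hostmask)
    net_bits = int(ipaddress.ip_address(to_base)) & int(from_net.netmask)
    return str(ipaddress.ip_address(net_bits | host_bits))


def policy_static(src, dst, real_net, mapped_base, acl_dests=REMOTE_NETS):
    """Outbound (dmz -> outside): source address after the policy static.

    real_net is the ACL source (assumed /24), mapped_base is the address in
    the static command. Returns None when the ACL does not match, meaning
    the packet falls through to whatever other NAT rules exist.
    """
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    real_net = ipaddress.ip_network(real_net)
    if src not in real_net or not any(dst in n for n in acl_dests):
        return None
    return _swap_network(src, real_net, mapped_base)


def untranslate(dst, src, real_net, mapped_base, acl_dests=REMOTE_NETS):
    """Inbound (outside -> dmz): mapped destination back to the real host.

    A static is bidirectional, so a remote network in the ACL can reach
    the mapped address and land on the matching real host.
    """
    dst, src = ipaddress.ip_address(dst), ipaddress.ip_address(src)
    real_net = ipaddress.ip_network(real_net)
    mapped_net = ipaddress.ip_network(f"{mapped_base}/{real_net.prefixlen}")
    if dst not in mapped_net or not any(src in n for n in acl_dests):
        return None
    return _swap_network(dst, mapped_net, real_net.network_address)


if __name__ == "__main__":
    # Config as posted: DMZ is 10.5.5.0, so the translation is an identity.
    print(policy_static("10.5.5.100", "192.168.50.10", "10.5.5.0/24", "10.5.5.0"))
    # The asker's hypothetical: DMZ is really 10.6.6.0, mapped to 10.5.5.0.
    print(policy_static("10.6.6.100", "192.168.50.10", "10.6.6.0/24", "10.5.5.0"))
    # Destination outside the ACL: this rule does not apply.
    print(policy_static("10.6.6.100", "8.8.8.8", "10.6.6.0/24", "10.5.5.0"))
```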