Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

FWSM Config

Posted on 2012-12-23
2
Medium Priority
?
646 Views
Last Modified: 2012-12-24
In my company i am having FWSM and i want to understand the config which is running into it.i can easily make it out that object-group is called but still i am not able to understand two cmnds which are below.


name 5.5.5.5 sales  (why we use name cmd) ?

interface Vlan220
 nameif inside1
 security-level 70
 ip address 10.3.220.254 255.255.255.0 standby 10.3.220.250


interface Vlan146
 nameif outside
 security-level 0
 ip address 6.6.6.6 255.255.255.0 standby 6.6.6.7

 
object-group network POET
 description Poet
 network-object 9.79.48.0 255.255.255.0

object-group service WWW tcp
 description WEb Access TCP Ports
 port-object eq www
 port-object eq https

access-list outsidelist extended permit tcp object-group POET host sales object-group WWW

static (inside1,outside) sales 10.3.220.106 netmask 255.255.255.255  (what nat is this)

Thanks in advance.
0
Comment
Question by:pawanopensource
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 28

Accepted Solution

by:
mikebernhardt earned 2000 total points
ID: 38719013
The name command is simply a configuring a host name for 5.5.5.5. I don't think it's required but it's usually done. The NAT command is translating "sales" which is 5.5.5.5, to 10.3.220.106.
0
 
LVL 12

Expert Comment

by:Fidelius
ID: 38719103
Hello,

From command reference:
To associate a name with an IP address, use the name command in global configuration mode. To disable the use of the text names but not remove them from the configuration, use the no form of this command.
name ip_address name
no name ip_address [name]

static (inside1,outside) sales 10.3.220.106 netmask 255.255.255.255
This is persistent one-to-one NAT. It translates IP address 10.3.220.106 to sales IP (5.5.5.5)

static (real_ifc,mapped_ifc) mapped_ip real_ip netmask mask

For name command, you can find more info here:
http://www.cisco.com/en/US/docs/security/fwsm/fwsm40/command/reference/no.html#wp1638986
For static command, you can find more info here:
http://www.cisco.com/en/US/docs/security/fwsm/fwsm40/command/reference/s8.html#wp2760334

Regards!
0

Featured Post

Learn Veeam advantages over legacy backup

Every day, more and more legacy backup customers switch to Veeam. Technologies designed for the client-server era cannot restore any IT service running in the hybrid cloud within seconds. Learn top Veeam advantages over legacy backup and get Veeam for the price of your renewal

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question