Solved

FWSM Config

Posted on 2012-12-23
2
598 Views
Last Modified: 2012-12-24
In my company i am having FWSM and i want to understand the config which is running into it.i can easily make it out that object-group is called but still i am not able to understand two cmnds which are below.


name 5.5.5.5 sales  (why we use name cmd) ?

interface Vlan220
 nameif inside1
 security-level 70
 ip address 10.3.220.254 255.255.255.0 standby 10.3.220.250


interface Vlan146
 nameif outside
 security-level 0
 ip address 6.6.6.6 255.255.255.0 standby 6.6.6.7

 
object-group network POET
 description Poet
 network-object 9.79.48.0 255.255.255.0

object-group service WWW tcp
 description WEb Access TCP Ports
 port-object eq www
 port-object eq https

access-list outsidelist extended permit tcp object-group POET host sales object-group WWW

static (inside1,outside) sales 10.3.220.106 netmask 255.255.255.255  (what nat is this)

Thanks in advance.
0
Comment
Question by:pawanopensource
2 Comments
 
LVL 28

Accepted Solution

by:
mikebernhardt earned 500 total points
ID: 38719013
The name command is simply a configuring a host name for 5.5.5.5. I don't think it's required but it's usually done. The NAT command is translating "sales" which is 5.5.5.5, to 10.3.220.106.
0
 
LVL 12

Expert Comment

by:Fidelius
ID: 38719103
Hello,

From command reference:
To associate a name with an IP address, use the name command in global configuration mode. To disable the use of the text names but not remove them from the configuration, use the no form of this command.
name ip_address name
no name ip_address [name]

static (inside1,outside) sales 10.3.220.106 netmask 255.255.255.255
This is persistent one-to-one NAT. It translates IP address 10.3.220.106 to sales IP (5.5.5.5)

static (real_ifc,mapped_ifc) mapped_ip real_ip netmask mask

For name command, you can find more info here:
http://www.cisco.com/en/US/docs/security/fwsm/fwsm40/command/reference/no.html#wp1638986
For static command, you can find more info here:
http://www.cisco.com/en/US/docs/security/fwsm/fwsm40/command/reference/s8.html#wp2760334

Regards!
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Examines three attack vectors, specifically, the different types of malware used in malicious attacks, web application attacks, and finally, network based attacks.  Concludes by examining the means of securing and protecting critical systems and inf…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question