• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 673
  • Last Modified:

FWSM Config

In my company i am having FWSM and i want to understand the config which is running into it.i can easily make it out that object-group is called but still i am not able to understand two cmnds which are below.


name 5.5.5.5 sales  (why we use name cmd) ?

interface Vlan220
 nameif inside1
 security-level 70
 ip address 10.3.220.254 255.255.255.0 standby 10.3.220.250


interface Vlan146
 nameif outside
 security-level 0
 ip address 6.6.6.6 255.255.255.0 standby 6.6.6.7

 
object-group network POET
 description Poet
 network-object 9.79.48.0 255.255.255.0

object-group service WWW tcp
 description WEb Access TCP Ports
 port-object eq www
 port-object eq https

access-list outsidelist extended permit tcp object-group POET host sales object-group WWW

static (inside1,outside) sales 10.3.220.106 netmask 255.255.255.255  (what nat is this)

Thanks in advance.
0
pawanopensource
Asked:
pawanopensource
1 Solution
 
mikebernhardtCommented:
The name command is simply a configuring a host name for 5.5.5.5. I don't think it's required but it's usually done. The NAT command is translating "sales" which is 5.5.5.5, to 10.3.220.106.
0
 
FideliusCommented:
Hello,

From command reference:
To associate a name with an IP address, use the name command in global configuration mode. To disable the use of the text names but not remove them from the configuration, use the no form of this command.
name ip_address name
no name ip_address [name]

static (inside1,outside) sales 10.3.220.106 netmask 255.255.255.255
This is persistent one-to-one NAT. It translates IP address 10.3.220.106 to sales IP (5.5.5.5)

static (real_ifc,mapped_ifc) mapped_ip real_ip netmask mask

For name command, you can find more info here:
http://www.cisco.com/en/US/docs/security/fwsm/fwsm40/command/reference/no.html#wp1638986
For static command, you can find more info here:
http://www.cisco.com/en/US/docs/security/fwsm/fwsm40/command/reference/s8.html#wp2760334

Regards!
0

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now