asked on

FWSM Config

In my company i am having FWSM and i want to understand the config which is running into it.i can easily make it out that object-group is called but still i am not able to understand two cmnds which are below.

name 5.5.5.5 sales (why we use name cmd) ?

interface Vlan220
nameif inside1
security-level 70
ip address 10.3.220.254 255.255.255.0 standby 10.3.220.250

interface Vlan146
nameif outside
security-level 0
ip address 6.6.6.6 255.255.255.0 standby 6.6.6.7

object-group network POET
description Poet
network-object 9.79.48.0 255.255.255.0

object-group service WWW tcp
description WEb Access TCP Ports
port-object eq www
port-object eq https

access-list outsidelist extended permit tcp object-group POET host sales object-group WWW

static (inside1,outside) sales 10.3.220.106 netmask 255.255.255.255 (what nat is this)

Thanks in advance.

ASKER CERTIFIED SOLUTION

mikebernhardt

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Fidelius

Hello,

From command reference:
To associate a name with an IP address, use the name command in global configuration mode. To disable the use of the text names but not remove them from the configuration, use the no form of this command.
name ip_address name
no name ip_address [name]

static (inside1,outside) sales 10.3.220.106 netmask 255.255.255.255
This is persistent one-to-one NAT. It translates IP address 10.3.220.106 to sales IP (5.5.5.5)

static (real_ifc,mapped_ifc) mapped_ip real_ip netmask mask

For name command, you can find more info here:
http://www.cisco.com/en/US/docs/security/fwsm/fwsm40/command/reference/no.html#wp1638986
For static command, you can find more info here:
http://www.cisco.com/en/US/docs/security/fwsm/fwsm40/command/reference/s8.html#wp2760334

Regards!