Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

access list help

Posted on 2014-01-27
3
Medium Priority
?
270 Views
Last Modified: 2014-02-24
what is the impact  on the traffic of the below  line


nat (inside) 0 access-list inside_nat0_outbound
0
Comment
Question by:renegadecy
  • 3
3 Comments
 
LVL 57

Expert Comment

by:Pete Long
ID: 39811585
Any traffic that is included in that access-list...........

show run access-list inside_nat0_outbound

Open in new window


will show you, is not NATTED i.e not tranlated to the public IP address, this is usually (but not always) used to stop VPN Traffic being NATTED when going to a remote site.

Pete
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 39811586
To quantify, nat 0 means DONT NAT.
0
 
LVL 57

Accepted Solution

by:
Pete Long earned 1500 total points
ID: 39811592
So ASA Pre 8.3 (which is in use in your example above)

nat (inside) 0 access-list EXEMPT
access-list EXEMPT extended permit ip 10.254.254.0 255.255.255.0 172.16.254.0 255.255.255.0

Open in new window

Would not tranlate any traffic going from10.254.254.0 255.255.255.0 to 172.16.254.0 255.255.255.0

This code has changed on the newer ASA's to do the same you would need,
object network obj-10.254.254.0
subnet 10.254.254.0 255.255.255.0
object network obj-172.16.254.0
subnet 172.16.254.0 255.255.255.0
nat (inside,any) source static obj-10.254.254.0 obj-10.254.254.0 destination static obj-172.16.254.0 obj-172.16.254.0

Open in new window


Pete

Cisco PIX/ASA 8.3 Command Changes {NAT / Global / Access-List}
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
Integration Management Part 2
Loops Section Overview
Suggested Courses

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question