Quoting David Mitchell:
> Thank you all for your excellent responses!
>
> I still have one grey area though - the "directional" nature of nonat.
>
> Take the following as an example:
>
> Nat (inside) 0 access-list no-nat
> Access-list no-nat permit ip any 10.20.0.0 255.255.0.0
>
> I understand that this will cause any inside traffic destined to
> 10.20.x.x to NOT be translated - and just use its native addresses.
Correct.
>
> However, what about traffic initiating from outside (10.20.x.x) trying
> to get back in?
No translation will occur for the return traffic, or traffic originated from
the outside, UNLESS you enable bi-directional NAT* (aka Outside NAT, aka
Enhanced Alias)
See here for more details!
http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a00800eb71e.html#wp1063701
Regards,
Max
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=98230&t=98221