two static nat order of operation

Unanswered Question
Aug 22nd, 2007
User Badges:



If a new packet(192.168.10.10 source ip from inside to outside) comes into a FWSM, which public ip address will be translated ?


FWSM(config)# static (inside,outside) 209.165.200.226 192.168.10.10 netmask 255.255.255.255


FWSM(config)# static (inside,outside) 209.165.200.232 192.168.10.0 netmask 255.255.255.248


Please tell me how will be working and a reason why

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
mattiaseriksson Wed, 08/22/2007 - 04:23
User Badges:
  • Bronze, 100 points or more

Unless there is an existing xlate for that address, 192.168.10.10 should be translated to 209.165.200.226 because the order of operation between statics is first match wins.


Could you enter the commands without an error?

creamware Wed, 08/22/2007 - 20:23
User Badges:

there was no error when i enter the commands.


is the order of operation matching first in a whole nat-static configuration? not loggest match ?


rajbhatt Wed, 08/22/2007 - 21:35
User Badges:


Hi,

Why dont u verify the xlate .

Please issue the following command to check out

sh xl loc 192.168.10.10

In case there is already an existing translation for that we can use the following to clear the xlate table cl xl loc 192.168.10.10

and recheck it again


Raj

Actions

This Discussion