Command

Unanswered Question
Jan 16th, 2009
User Badges:

Hi ALL:

Couls any one let me know what does this command means, why i am using same ip for server and outside an why 0 0 at the end i am confused.

static (Server,outside) 172.20.2.0 172.20.2.0 netmask 255.255.254.0 0 0


Chao

Vishwa

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Loading.
JORGE RODRIGUEZ Fri, 01/16/2009 - 20:40
User Badges:
  • Green, 3000 points or more

Vishwa,


The first 0 pertains to the maximun number of connections and the second 0 is the number of embryonic connections that are allowed .


http://www.cisco.com/en/US/docs/security/pix/pix63/command/reference/s.html#wp1026694



In above link see max_conns for first 0 and emb_limit for second 0



When you issue at command line a static nat entry , you do not have to place the 0 0 at the end since they both default to 0s.

static (Server,outside) 172.20.2.0 172.20.2.0 netmask 255.255.254.0



using same subnet address 172.20.2.0 simply means you are not NATing between the two interfaces.



Regards

PLS rate any helpful posts


JORGE RODRIGUEZ Fri, 01/16/2009 - 21:24
User Badges:
  • Green, 3000 points or more

Vishwa,


using same subnet address 172.20.2.0 simply means you are not NATing between the two interfaces.


A little correction, let me rephrase above statement


with this static nat there is no NAT address translation which means 172.20.2.0 network will be presented to the oustide as 172.20.2.0.


Regards

Actions

This Discussion