Giuseppe Larosa Thu, 04/02/2009 - 02:53
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Rupesh,

this line should instruct the PIX to accept traffic from inside to outside from 10.48.0.0 255.252.0.0 and that these addresses are not natted but left unchanged (see that 1048.0.0 appears two times this means left it unchanged)


Hope to help

Giuseppe





Jon Marshall Thu, 04/02/2009 - 03:47
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Rupesh


In addition to Giuseppe's post it also allows connections to be initiated from outside to those addresses providing you have allowed the traffic in an acl.


Jon

lamav Thu, 04/02/2009 - 06:15
User Badges:
  • Blue, 1500 points or more

And to add to what both of them said, the reason that you would do a NAT like this, where it doesnt seem to achieve anything, since the addresses dont change, is that the PIX firewall's Adaptive Security Algorithim is engineered to look for NAT translations between any 2 interfaces.


Victor

Actions

This Discussion