Firewall Wizards mailing list archives

Re: NAT order help

From: "Avishai Wool" <yash () acm org>
Date: Fri, 9 Nov 2007 15:58:21 +0200

sivakumar

first, AFAIK they are not in conflict since the translate-from
address is different (10.0.0.0 != 1.1.1.2), so the order is irrelevant (?)

second, I think they are processed in order

google for "cisco pix command reference" and follow the
links to your pix version - I looked at
 http://www.cisco.com/en/US/docs/security/asa/asa72/command/reference/s8_72.html#wp1202525

for ASA 7.2

HTH,
  Avishai

On 11/6/07, sivakumar <siva_itech () yahoo com> wrote:


Hi,

access-list rule1 permit tcp 10.0.0.0 255.0.0.0 host 1.1.1.1

static(inside,ouside) 1.1.1.2 access-list rule1 0 0
static (inside,outside) 10.0.0.0 10.0.0.0 netmask 255.0.0.0 0 0

Please tell me which statement will take precedence - policy NAT ot Static
NAT..

--
View this message in context: http://www.nabble.com/NAT-order-help-tf4737610.html#a13548213
Sent from the Firewall Wizards mailing list archive at Nabble.com.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards



-- 
Avishai Wool, Ph.D.,  Co-founder and Chief Technical Officer
               http://www.algosec.com
******* Firewall Management Made Smarter ******
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

NAT order help sivakumar (Nov 08)
- Re: NAT order help kevin horvath (Nov 09)
- Re: NAT order help Avishai Wool (Nov 09)
  - Re: NAT order help kevin horvath (Nov 09)
    - Re: NAT order help Avishai Wool (Nov 12)
    - Re: NAT order help kevin horvath (Nov 13)
    - Re: NAT order help sivakumar (Nov 14)
    - Re: NAT order help kevin horvath (Nov 14)