Cisco PIX 500 Series Configuration Manual page 323
Security appliance command line
Hide thumbs
Also See for PIX 500 Series:
- Administration manual (653 pages) ,
- Quick start manual (72 pages) ,
- User manual (60 pages)
Table of Contents
Advertisement
Chapter 17
Configuring NAT
Figure 17-6
10.1.2.27
Figure 17-7
is not currently in the translation table; therefore, the security appliance drops the packet.
Figure 17-7
Web Server
www.example.com
Outside
10.1.2.27
For the duration of the translation, a remote host can initiate a connection to the translated host if an
Note
access list allows it. Because the address is unpredictable, a connection to the host is unlikely.
Nevertheless, in this case, you can rely on the security of the access list.
OL-12172-03
Remote Host Attempts to Connect to the Real Address
Translation
209.165.201.10
shows a remote host attempting to initiate a connection to a mapped address. This address
Remote Host Attempts to Initiate a Connection to a Mapped Address
209.165.201.2
209.165.201.10
Security
Appliance
10.1.2.1
Inside
Web Server
www.example.com
Outside
209.165.201.2
Security
Appliance
10.1.2.1
Inside
10.1.2.27
Cisco Security Appliance Command Line Configuration Guide
NAT Overview
10.1.2.27
17-7
Advertisement
Table of Contents
Troubleshooting
