was playing round on a ASA 5510 using the ASDM which wrote: static (dmz,outside) 40.1.1.4 40.1.1.4 netmask 255.255.255.255
This takes me by surprise, as it's not in keeping with the syntax I learned for the PIX, and indeed when I tried to write more PIX like static's via telnet they were refused -
I must add here that it's been a year since I did any PIX work, and that , once again, I find it all very obscure and non-intuitive, but I thought I had a clear sense of statics .... I can't yet make any sense out of what I posted below. ( static (dmz,outside) 40.1.1.4 40.1.1.4 netmask 255.255.255.255)
I started to play with the newer ASA and then backed off. I still cant get any SSH client (0 for 3 ) to connect to the old PIX....and you'll see in a future post I'm having trouble opening up a hole into a new server behind the wall with a static/access list combo ...at least I'm learning how to use Kiwi and syslog....why the *&(& didn't Cisco emphasise the need for "TRAP" in their docs ? Many thanks for any pointers.
forwards -all- ports for the IP address, and is still completely valid.
If someone sends a packet to the outside interface addressed to
40.1.1.4 then (outside ACL permitting) the packet will be forwarded to IP address 40.1.1.4 on the DMZ, with the port number unchanged.
If someone sends a packet out of the dmz interface with a source address of 40.1.1.4 then (dmz ACL permitting) the packet will be forwarded out the outside interface with a source IP address of 40.1.1.4, with the port number unchanged.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.