Home
Certification Preparation
Cisco
CCNP
CCNP Security
Access list for NAT
mattrgee
Hi all,
One of our machines in our DMZ is NAT'd into our inside network:
static (inside,dmz) 192.168.0.40 10.10.10.47 netmask 255.255.255.255 0 0
Hosts on the 10.10.10.0/24 network need to access the DMZ machine (192.168.0.40) using VNC (5900).
I'm a bit confused about what the destination for the access list will be due to the NAT'd address being on the inside network.
Any help appreciated.
Thanks.
Find more posts tagged with
Comments
clikcspeed
Very interesting! I´m taking ICND2 and am cracking myself on this one...
Ahriakin
You use the IP they will see, so 10.10.10.47.
However if you're using an ASA version 8.3 adds the ability to use the local address for a lot of traditionally post-nat functions now, I haven't played with it yet though.
mattrgee
Thanks!
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
