Yep, and i believe NAT Exemption does not count toward classification, whereas Identity NAT should.
Sent from my iPhone On Sep 14, 2012, at 12:27 PM, Mike Rojas <[email protected]> wrote: > Hi, > > Missing existing flow. Yes, if you have NAT the packet is going to be > classified if there is no Unique mac address. Mostlikely it is needed when > using shared interfaces. Now very important, if it does not says it > explicitly on the test, you can enable it. It is always best to read > carefully what they ask. > > Mike Rojas > > > > Date: Fri, 14 Sep 2012 11:13:33 +0200 > From: [email protected] > To: [email protected] > Subject: [OSL | CCIE_Security] ASA contexts with a shared physical interface. > > > Hi > > > Have a doubt about this..... > > I know that the packet classification is done in the following order: > > 1. Classification based on destination MAC - require unique MAC on each > shared interface > 2. Classification based on destination IP and NAT > > If I have two context with a shared outside interface and Enables NAT Control > and doesn't use overlapping subnets - is it correct assumed that I do not > need to activate the "mac-address auto" or manual configure unique MAC > addresses of the physical interfaces - because NAT will classify packets? > > I know that in real life - best practice is to always enable mac-address auto > when using shared interfaces - but what is right in LAB Exam??? > > > > /Peter > > > RELEASABLE TO INTERNET TRANSMISSION > > Please note that this message may contain confidential information. If you > have received this message by mistake, please inform the sender of the > mistake by sending a reply, and then delete the message from your system > without making, distributing or retaining any copies of it. Although we > believe that the message and any attachments are free from viruses and other > errors that might affect the computer or IT system where it is received and > read, the recipient opens the message at his or her own risk. We assume no > responsibility for any loss or damage arising from the receipt or use of this > message. > > _______________________________________________ For more information > regarding industry leading CCIE Lab training, please visit www.ipexpert.com > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
