Must admit I've not seen it without the (interface) option. Does the "nat 1 0 0" format equate to:
nat (inside) 1 0 0 and nat (DMZ) 1 0 0 or just the inside interface? Not got a Pix to try it on until tomorrow, or at least if I do I'll probably lose the Pix I'm VPN'ing through :-) Gaz ""Peter zhang"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > what is the difference between > nat (inside) 1 0 0 > and > nat 1 0 0 > > They are the same, nat all inside networks > ############ > > I am completely lost when to use "netmask" when not. Some statements are > required to have one some not. Is there any rule about it that or I just > have to memorize all. > example > static (inside,outside) 200.1.1.1 10.1.1.1 -->> no netmask statement > > it will give you static translation with 32/bit mask > ############### > > isakmp key mykey address 200.1.1.1 netmask 255.255.255.255 > > defaults to 32/bit mask of specified peer address if no mask defined > > ############## > interface outside 200.200.200.10 255.255.255.0 -->> no netmask statement > gobal (outside) 200.1.1-200.1.1.20 netmask 255.255.255.0 > > it will give a default mask depends on ip address class if no netmask defined Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=47874&t=47786 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
