Yes your absolute correcto mundo. The ASA algorithm analyzes the return traffic to retain statefulness.
Julian ----- Original Message ----- From: "Sam" To: Sent: Wednesday, March 05, 2003 10:09 AM Subject: NAT on PIX [7:64476] > Hey Guys. > These questions are regarding NAT in reference to PIX only. > > 1)Static NAT works both ways. From outside to inside and vice versa. > However, You need an access-list configured if you are accessing from a > lower-security interface to a higher-security one. > > 2)Dynamic NAT on the contrary doesn't work both ways. Connections can be > initiated only from one interface to another and the other can only reply > statefully. Am I right? > Eg: If I configure an internal network(10.0.1.0) to translate to > 64.4.4.10-64.4.4.30, 30 connections can be initiated towards the internet > and they would work fine. Replies can be sent back to those initiated > connections but no connections can be initiated from the Internet to the > internal network. Hence, I call it stateful. > Am I right about this full statement? > > Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=64535&t=64476 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
