The interface field is labeled Destination. If I put in PSN for that field, then it would apply IP Pass Through to packets that came from the PSN Network and were destined for the PSN Interface (itself). That wouldn't work because I obviously want NAT for packets coming from the PSN to the EXT since the PSN Network is a private network. By specifying the PROT network, I'm telling it not to apply NAT for packets coming from the PSN Network destined for the PROT network...which is what I want.
-----Original Message----- From: Dan Swartzendruber [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 23, 2001 12:52 PM To: Edward Ingram; 'Chris Green'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: How to allow access from PSN to PROT At 10:40 AM 10/23/2001 -0700, Edward Ingram wrote: >Another question. Now, when I Verify Configuration, it comes up yellow >stating that I'm specifying a Destination interface of PROT for my IP >Pass Through network/host. It's probably just a warning and not a >setup error (I'm assuming since it's working) but I think it's causing >problems with HA. I believe this is wrong. The interface field tells gnatbox "don't do NAT when a packet exits through interface X". NAT is done outbound, so specifying the PROT interface doesn't make sense. This should be the PSN interface, I think.
