At 02:54 PM 10/23/01 -0700, Edward Ingram wrote: >Ok...I reversed the subnet (changed from PSN to PROT) and the >Destination interface (changed from PROT to PSN) in the IP Pass Through >network and clicked on Inbound. Everything is working the same as >before (one exception, I had to specifically allow access from the PROT >to the PSN, whereas before I didn't have to) and I no longer have the >Verify Configuration error.
Yes. This would be an outbound passthrough filter. >I wasn't aware that NAT isn't applied to PSN --> PROT, I was only >informed that a IP Pass Through filter would be necessary to allow PSN >--> PROT access, so based on that, I created the filter and added the >Network entry on the basis of FROM PSN TO PROT. Since it was "TO PROT" >I had set the Destination to PROT. NAT only applies to upward privilege shifts. e.g. PSN => PROT, EXT => PROT or PSN, etc...
