19 مرداد 1393, 10:33 ق.ظ
Information About Dynamic NAT NAT
یکی از ابزارهاییست که برای حل مشکل محدودیت در IP ورژن ۴ به صورت موقت مورد استفاده قرار می گیرد و البته به خاطر پنهان کردن و یا تغییر IP های مبدا یک روش امنیتی نیز به حساب می آید
Dynamic NAT translates a group of real addresses to a pool of mapped addresses that are routable on the destination network. The mapped pool may include fewer addresses than the real group. When a host you want to translate accesses the destination network, the ASA assigns the host an IP address from the mapped pool. The translation is added only when the real host initiates the connection. The translation is in place only for the duration of the connection, and a given user does not keep the same IP address after the translation times out. For an example, see the timeout xlate command in the Cisco ASA 5500 Series Command Reference. Users on the destination network, therefore, cannot initiate a reliable connection to a host that uses dynamic NAT, although the connection is allowed by an access list, and the ASA rejects any attempt to connect to a real host address directly. See Chapter 28 "Configuring Static NAT," or Chapter 30 "Configuring Static PAT," for information about how to obtain reliable access to hosts.
Note In some cases, a translation is added for a connection, although the session is denied by the ASA. This condition occurs with an outbound access list, a management-only interface, or a backup interface in which the translation times out normally. For an example, see the show xlate command in the Cisco ASA 5500 Series Command Reference.
Figure 29-1 shows a remote host attempting to connect to the real address. The connection is denied because the ASA only allows returning connections to the mapped address.
کانفیک شده در پکت تریسر پسوند فایل رو .pkt کرده و تو پکت تریسر ران کنید
مهمان عزیز شما قادر به مشاهده پیوندهای انجمن مانشت نمیباشید. جهت مشاهده پیوندها ثبت نام کنید.
مهمان عزیز شما قادر به مشاهده پیوندهای انجمن مانشت نمیباشید. جهت مشاهده پیوندها ثبت نام کنید.
یکی از ابزارهاییست که برای حل مشکل محدودیت در IP ورژن ۴ به صورت موقت مورد استفاده قرار می گیرد و البته به خاطر پنهان کردن و یا تغییر IP های مبدا یک روش امنیتی نیز به حساب می آید
Dynamic NAT translates a group of real addresses to a pool of mapped addresses that are routable on the destination network. The mapped pool may include fewer addresses than the real group. When a host you want to translate accesses the destination network, the ASA assigns the host an IP address from the mapped pool. The translation is added only when the real host initiates the connection. The translation is in place only for the duration of the connection, and a given user does not keep the same IP address after the translation times out. For an example, see the timeout xlate command in the Cisco ASA 5500 Series Command Reference. Users on the destination network, therefore, cannot initiate a reliable connection to a host that uses dynamic NAT, although the connection is allowed by an access list, and the ASA rejects any attempt to connect to a real host address directly. See Chapter 28 "Configuring Static NAT," or Chapter 30 "Configuring Static PAT," for information about how to obtain reliable access to hosts.
Note In some cases, a translation is added for a connection, although the session is denied by the ASA. This condition occurs with an outbound access list, a management-only interface, or a backup interface in which the translation times out normally. For an example, see the show xlate command in the Cisco ASA 5500 Series Command Reference.
Figure 29-1 shows a remote host attempting to connect to the real address. The connection is denied because the ASA only allows returning connections to the mapped address.
کانفیک شده در پکت تریسر پسوند فایل رو .pkt کرده و تو پکت تریسر ران کنید
مهمان عزیز شما قادر به مشاهده پیوندهای انجمن مانشت نمیباشید. جهت مشاهده پیوندها ثبت نام کنید.
مهمان عزیز شما قادر به مشاهده پیوندهای انجمن مانشت نمیباشید. جهت مشاهده پیوندها ثبت نام کنید.