Which change is needed to correct this problem?

— Exhibit –-
[edit security nat]
user@host# show source

pool pool-one {
address {
68.183.13.0/24;
}
}
rule-set trust-to-untrust {
from zone trust;
to zone untrust;
rule pool-nat {
match {
source-address 10.10.10.1/24;
}
then {
source-nat {
pool {
pool-one;
}
}
}
}
rule no-nat {
match {
destination-address 192.150.2.140/32;
}
then {
source-nat {
off;

}
}
}
}

— Exhibit –-

Refer to the Exhibit.
You have implemented source NAT using a source pool for address translation. However, traffic
destined for 192.150.2.140 should not have NAT applied to it. The configuration shown in the
exhibit is not working correctly.
Which change is needed to correct this problem?

— Exhibit –-
[edit security nat]
user@host# show source

pool pool-one {
address {
68.183.13.0/24;
}
}
rule-set trust-to-untrust {
from zone trust;
to zone untrust;
rule pool-nat {
match {
source-address 10.10.10.1/24;
}
then {
source-nat {
pool {
pool-one;
}
}
}
}
rule no-nat {
match {
destination-address 192.150.2.140/32;
}
then {
source-nat {
off;

}
}
}
}

— Exhibit –-

Refer to the Exhibit.
You have implemented source NAT using a source pool for address translation. However, traffic
destined for 192.150.2.140 should not have NAT applied to it. The configuration shown in the
exhibit is not working correctly.
Which change is needed to correct this problem?

A.
Insert no-nat before pool-nat.

B.
The no-nat rule should be in a separate rule-set.

C.
Destination NAT should be used to exclude the traffic destined for 192.150.2.140.

D.
Proxy ARP needs to be applied on the 192.150.2.140 address for the rule to function.



Leave a Reply 0

Your email address will not be published. Required fields are marked *