A network administrator is using source NAT for traffic from source network 10.0.0.0/8. The administrator must also disable NAT for any traffic destined to the 202.2.10.0/24 network.Which configuration would accomplish this task?
A.
[edit security nat source rule-set test]
user@host# show
from zone trust;
to zone untrust;
rule A {
match {
source-address 202.2.10.0/24;
}
then {
source-nat {
pool {
A;
}
}
}
}
rule B {
match {
destination-address 10.0.0.0/8;
}
then {
source-nat {
off;
}
}
}
B.
[edit security nat source]
user@host# show rule-set test
from zone trust;
to zone untrust;
rule 1 {
match {
destination-address 202.2.10.0/24;
}
then {
source-nat {
off;
}
}
}
rule 2 {
match {
source-address 10.0.0.0/8;
}
then {
source-nat {
pool {
A;
}
}
}
}
C.
[edit security nat source rule-set test]
user@host# show
from zone trust;
to zone untrust;
rule A {
match {
source-address 10.0.0.0/8;
}
then {
source-nat {
pool {
A;
}
}
}
}
rule B {
match {
destination-address 202.2.10.0/24;
}
then {
source-nat {
off;
}
}
}
D.
[edit security nat source rule-set test]
user@host# show
from zone trust;
to zone untrust;
rule A {
match {
source-address 10.0.0.0/8;
}
then {
source-nat {
pool {
A;
}
}
}
}
I agree with the answer. B