Select the three (3) options below that would allow for proper function of NAT-dst.

Select the three (3) options below that would allow for proper function of NAT-dst.

Select the three (3) options below that would allow for proper function of NAT-dst.

A.
The default address book entry of"any" in the internal zone

B.
The default address book entry of"any" in the external zone

C.
A secondary address on an interface in the internal zone, configured with the public address

D.
A loopback interface in the internal zone, configured with the public address

E.
A static route to the public subnet using an interface in the internal zone as the outbound interface

Explanation:

WithNat_Dsttraffic could be coming from any external IP address, you’renattingfrom External to Internal, Any on Internal doesn’t make sense.
For proper functioning of NAT-dstwe can use:
1.The default address book entry of"any" in the external zone 2.A loopback interface in the internal zone, configured with the public address 3.A static route to the public subnet using an interface in the internal zone as the outbound interface
You cannot have a secondary address with a public address on the internal zone becausethere can be no subnet address overlap between any two secondary IP addresses. In addition, there can be no subnet address overlap between a secondary IP and any existing subnet on theNetScreen device.



Leave a Reply 1

Your email address will not be published. Required fields are marked *