Hello everyone,
I have a FWSM that i have just started working with and I am curious about something. I have nat exemption turned on so that hosts within one vlan do not get nated when the talk to hosts in another vlan. after initating a ping from a host in one of these vlans to another and then checking the xlate this is what i get:
FWSM/fwsmcon1# show xlate interface internal254 detail | include 10.2.1.41
NAT from internal10:10.2.1.41 to internal254:10.2.1.41 flags Ii
NAT from internal10:10.2.1.41 to internal254(NATEXEMPT):10.2.1.41 flags Iai
My question is why are there two xlate entries? Shouldn't their only be one to show the nat exemption? Is nat exemption working? Thanks for your input and thoughts!
I have a FWSM that i have just started working with and I am curious about something. I have nat exemption turned on so that hosts within one vlan do not get nated when the talk to hosts in another vlan. after initating a ping from a host in one of these vlans to another and then checking the xlate this is what i get:
FWSM/fwsmcon1# show xlate interface internal254 detail | include 10.2.1.41
NAT from internal10:10.2.1.41 to internal254:10.2.1.41 flags Ii
NAT from internal10:10.2.1.41 to internal254(NATEXEMPT):10.2.1.41 flags Iai
My question is why are there two xlate entries? Shouldn't their only be one to show the nat exemption? Is nat exemption working? Thanks for your input and thoughts!