Your company plans to implement an Internet gateway router that is performing NAT. This same
gateway will be terminating various IPsec tunnels to other remote sites. Which address type is
appropriate for the ACL that will govern the sources of traffic entering the tunnel in the inside
interface?
A.
inside local
B.
inside global
C.
outside local
D.
outside global
I’m staring at a doc right now defining the address types. Answer A – inside local should be correct as it identifies the source address of traffic *entering* the NAT router on the inside interface. This is translated to an inside global address when *leaving* the NAT router.
Inside global also defines the destination address of traffic entering the NAT router on the outside interface. This is translated to an inside local address (destination).
0
0
I suppose the gateway will perform NAT before IPsec so packets entering the tunnel would have source address of inside global. In that case Answer B is correct.
0
0
By the way, part of that new 493Q 352-001 dumps for your reference:
https://drive.google.com/open?id=0B-ob6L_QjGLpflFYOFdyS1ctQVc2X1cwT0d2R2dyZzBsb2hPaGw5V2Y5akx5QmxxYUdOOUU
Best Regards!
0
0