PrepAway - Latest Free Exam Questions & Answers

Which change is needed to correct this problem?

— Exhibit —
[edit security nat]
user@host# show source
pool pool-one {
address {
68.183.13.0/24;

}
}
rule-set trust-to-untrust {
from zone trust;
to zone untrust;
rule pool-nat {
match {
source-address 10.10.10.1/24;
}
then {
source-nat {
pool {
pool-one;
}
}
}
}
rule no-nat {
match {
destination-address 192.150.2.140/32;
}
then {
source-nat {
off;
}
}
}
}
— Exhibit —
Click the Exhibit button.
You have implemented source NAT using a source pool for address translation. However,
traffic destined for 192.150.2.140 should not have NAT applied to it. The configuration
shown in the exhibit is not working correctly.
Which change is needed to correct this problem?

PrepAway - Latest Free Exam Questions & Answers

A.
Insert no-nat before pool-nat.

B.
The no-nat rule should be in a separate rule-set.

C.
Destination NAT should be used to exclude the traffic destined for 192.150.2.140.

D.
Proxy ARP needs to be applied on the 192.150.2.140 address for the rule to function.


Leave a Reply