RE: sanity check - NAT [7:410]

Thu, 12 Apr 2001 14:37:28 -0700 

Me thinks that you have already been there.
I don't see an ip address on the S0 interface. Should it be 203.181.70.65 ?
Had to look up "ip nat outside source static". Cisco says " If you use the
ip nat inside command, these packets must originate from the inside. If you
use the ip nat outside command, these packets must originate on the
outside." Looks good.

For those new to the list, Irwin has been a past contributor to this list.
He has given presentations at Networld+Interop. His website www.itprc.com
should be one of the first places that you look if you have a networking
question.

> -----Original Message-----
> From: Irwin Lazar [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, April 12, 2001 5:00 PM
> To: [EMAIL PROTECTED]
> Subject: sanity check - NAT [7:410]
> 
> 
> I need to turn on NAT in a 2500 running Firewall IOS 11.3.  
> It's been a year
> since I touched a router, so I wanted to run the config by 
> the group for a
> sanity check. (addresses have been changed to protect the innocent)
> 
> Here's what I'm trying to do:
> NAT pool (legal addresses) 203.181.70.65 to 203.181.70.94 (slash /27)
> 
> Hosts will get addresses via DHCP in the 192.168.1.0 /24 range
> 
> The Inside address 192.168.1.11 should statically translate 
> to 203.181.70.91
> (that is, hosts on the Internet that try to connect to 
> 203.181.70.65 should
> hit the NAT box, where they are redirected to 192.168.1.11)
> 
> Here's my config:
> interface e0
> ip address 192.168.1.1 255.255.255.0
> ip nat inside
> ! defines e0 with IP address and inside NAT interface
> 
> interface s0
> ip nat outside
> 
> ip nat pool overld 203.181.70.65 206.181.70.90 prefix 27
> ip nat inside source list 7 pool overld overload
> access-list 7 permit 192.168.1.0 0.0.0.255
> 
> ip nat outside source static 192.16.1.11 203.181.70.91
> ip nat inside source static 203.181.70.91 192.16.1.11 
> 
> Before I slap this on my router, will it work as intended?
> FAQ, list archives, and subscription info: 
> http://www.groupstudy.com/list/cisco.html
> Report misconduct 
> and Nondisclosure violations to [EMAIL PROTECTED]




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=419&t=410
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

Reply via email to