Here's a puzzler for you:
"Their" 192.168.10.0/24 Network
|
"Their" Default gateway
|
"Their" VPN 3030 Concentrator running PAT w/ external interface 2.2.2.2
(Reference Point A)
|
Another default gateway leading to...
|
The Internet
|
"My" gateway router
|
"My" VPN box
|
"My" internal router possibly running NAT (Reference Point B)
|
"My" 172.16.0.0/14 network
The VPN boxes are up and running and have a tunnel established. Okay, so at
Ref. Point A, we're running PAT on the VPN box to hide the 192.168.10/24
network. Fine and dandy. For some reason, management has said that all
source addresses coming into "my" network must be 172-based addresses rather
than the 2.2.2.2 address. So they want to know if at Ref. Point B if I can
run another NAT session which translates the 2.2.2.2:Port addresses into
172.16.0.0/14 addresses. I would think this wouldn't be possible, because I
know of no NAT command which allows you to specify the outside local
addresses as being PATted addresses. Is there such a command? Thanks.
BJ
P.S. Someday, "their" 192.168.10/24 network will be renumbered. This is
just an interim configuration.
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=18418&t=18418
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
