I found my previous administrator configured the following NAT for my router (shown below). Our network is in 50.100.X.X and we need to contact a workstation in 192.168.3.X network (192.168.3.1-192.168.3.100). That's why he defined the source pool to be from 192.168.3.101 192.168.3.240 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% interface Ethernet0 description Interface facing Financial Service Provider ip address 192.168.3.1 255.255.255.0 ip nat outside
interface Ethernet1 description Interface facing Rabobank (Trusted) network ip address 50.100.165.240 255.255.255.0 ip nat inside ip nat pool XXY 192.168.3.101 192.168.3.240 netmask 255.255.255.0 ip nat inside source list 1 pool XXY ########################################################################## Q1)But, when I show IP nat trans. I saw the following, I understand the first two, but not line 3. the 192.168.3.118 should be the source address of returning packet, what is 192.168.3.119 ? RBFW2514#sh ip nat trans Inside global Inside local Outside local Outside global --- 192.168.3.117 50.100.165.81 --- --- --- 192.168.3.118 50.100.165.210 --- --- --- 192.168.3.119 192.168.3.118 ############################################################################ Q2)I understand there is another kind of NAT which work like the following. Inside global Inside local Outside local Outside global 192.168.2.2:1234 10.0.0.1:1234 172.21.3.1:23 192.168.2.2:2222 10.0.0.2:2222 172.21.3.2:23 192.168.2.2:3333 10.0.0.3:3333 172.21.3.4:23 What is the difference these method. I think both NAT can work. Why we don't use these one? Q3)But in this method, I found a problem what if 10.0.0.1 and 10.0.0.2 use the same port 2222. There will be 2X 192.168.2.2:2222 in the inside global. Will be 192.168.2.2:2222 have problem identify which to be NAT back to 10.0.0.1 or 10.0.0.2. Thanks a lot Tong ================================================================== De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht onterecht ontvangt wordt u verzocht de inhoud niet te gebruiken en de afzender direct te informeren door het bericht te retourneren. ================================================================== The information contained in this message may be confidential and is intended to be exclusively for the addressee. Should you receive this message unintentionally, please do not use the contents herein and notify the sender immediately by return e-mail. ================================================================== Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=38764&t=38764 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]