OK, if we assume that the ISP has also assigned 198.x.x.4/30 to this client and has the apropriate routing in place...
ip nat inside source list 1 interface serial 0 overload ip nat inside source static 192.168.10.5 198.0.0.5 interface e0 ip address 192.168.10.1 255.255.255.0 ip nat inside interface s0 ip address 200.x.x.1 255.255.255.252 ip address 198.x.x.6 255.255.255.252 secondary ip access-group 102 in ip nat outside access-list 1 deny host 192.168.10.5 access-list 1 permit 192.168.10.0 0.0.0.255 access-list 102 deny tcp host 192.x.x.5 any eq 0 access-list 102 deny udp host 192.x.x.5 any eq 0 access-list 102 permit ip any any I don't have the equipment on hand to test this, but I beleive this would work. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=42376&t=42351 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
