RE: Confused over NAT [7:65926]
The source address of the packet(host address) is replaced with one of the addresses in the natpool. That is contained in the header of the packet. The routing protocol takes care of insuring that the packet gets back to your WAN interface. Hope this helps. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=65939&t=65926 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Confused over NAT [7:65926]
The rest of the world has to have a route to your pool of addresses (222.2.2.1-254 in your example). The pool is assigned by your local ISP. They should have a route to it. With PAT you could use the WAN interface address for all translations. > -Original Message- > From: James Gosnold [mailto:[EMAIL PROTECTED] > Sent: Friday, March 21, 2003 8:55 AM > To: [EMAIL PROTECTED] > Subject: Confused over NAT [7:65926] > > > Dear all, > > Just having a slight problem getting my head around NAT regarding the > example configurations in the study guides I have. > > access-list 1 permit 10.0.0.1 0.0.0.255 (defines list of addresses) > > ip nat pool mynatpool 222.2.2.1 222.2.2.254 netmask > 255.255.255.0 (defines > pool of inside global addresses NAT can replace the SA with) > ip nat inside source list 1 pool mynatpool (applies the > addresses laid out > in the access-list as inside addresses and tells router to > replace SA from > mynatpool) > > int eth0 > ip address 10.0.0.1 255.255.255.0 > ip nat inside (tells NAT that this is where inside addresses > come from) > > int ser0 > ip address 133.4.4.1 255.255.255.0 > ip nat outside > > So here is my confusion: > > If the Ser0 interface is the WAN address (133.4.4.1) and it > replaces the > inside local address with a SA from mynatpool (222.2.2.1 - > 222.2.2.254) then > how will the packet get back to the WAN interface? I thought > that NAT would > replace the inside local address with the address of the WAN > interface, not > a group of different public ip addresses? How will the packet > get back if > the SA is from the range 222.2.2.1 - 254 and yet the IP > address of the WAN > interface is clearly not from this range? > > Confused from London > > Regards, James. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=65936&t=65926 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Confused over NAT [7:65926]
You would need to have routing out on the internet that says how to get back to those addresses or what would do is get rid of the nat pool and nat using the Serial interface address. -Original Message- From: James Gosnold [mailto:[EMAIL PROTECTED] Sent: Friday, March 21, 2003 9:55 AM To: [EMAIL PROTECTED] Subject: Confused over NAT [7:65926] Dear all, Just having a slight problem getting my head around NAT regarding the example configurations in the study guides I have. access-list 1 permit 10.0.0.1 0.0.0.255 (defines list of addresses) ip nat pool mynatpool 222.2.2.1 222.2.2.254 netmask 255.255.255.0 (defines pool of inside global addresses NAT can replace the SA with) ip nat inside source list 1 pool mynatpool (applies the addresses laid out in the access-list as inside addresses and tells router to replace SA from mynatpool) int eth0 ip address 10.0.0.1 255.255.255.0 ip nat inside (tells NAT that this is where inside addresses come from) int ser0 ip address 133.4.4.1 255.255.255.0 ip nat outside So here is my confusion: If the Ser0 interface is the WAN address (133.4.4.1) and it replaces the inside local address with a SA from mynatpool (222.2.2.1 - 222.2.2.254) then how will the packet get back to the WAN interface? I thought that NAT would replace the inside local address with the address of the WAN interface, not a group of different public ip addresses? How will the packet get back if the SA is from the range 222.2.2.1 - 254 and yet the IP address of the WAN interface is clearly not from this range? Confused from London Regards, James. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=65931&t=65926 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Confused over NAT [7:65926]
Ok, I think I have it now. So in a way the pool of addresses are like a load of virtual interfaces? I understand the use of sockets for overloading and how this can enable to use just one address, it was just the pool thing that confused me a little! Thanks guys, James. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=65937&t=65926 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Confused over NAT [7:65926]
Nat replaces the inside IP with a/the real IP from it's outside pool. It keeps track of which inside device each NAT'd (is that a word?) packet belongs to via the port it assigns to the packet when it puts the outside IP addy on it and sends it. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=65933&t=65926 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]