From: Ron.Fuller@xxxxxx
Date: Fri Aug 04 2000 - 08:11:18 GMT-3
I don't think you can do this. The interface must be one or the other, not
both. You can use policy routing to a loopback to work around this. We
did this the other night in our study group. The scenario was one with DSL
or cable, where you have a router with one ethernet with a public address,
but this ethernet is also connected to your inside network as well. Use
secondary addresing for the internal addressing, use the "real" IP address
for the primary address and do policy routing to NAT out the inside address
to the outside. Loopbacks can participate in NAT. Ugly, but it worked well
and not very secure as far as a good security design goes.
HTH!
Ron Fuller, CCIE #5851, CCDP, CCNP-ATM, CCNP-Security, MCNE
3X Corporation
rfuller@3x.com
Padhu@steinro
e.com To: ccielab@groupstudy.com
Sent by: cc:
nobody@groups Subject: IP NAT Inside and outside
on the same interface
tudy.com
08/04/00
01:32 AM
Please
respond to
Padhu
Has anyone heard about this or tried ? Thanks.
Cheers,Padhu
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:24:21 GMT-3