From: Michael Le (mmle@xxxxxxxxxxxxxxxxx)
Date: Wed Jan 24 2001 - 18:40:42 GMT-3
NAT Order of Operations
http://www.cisco.com/warp/public/556/5.html
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Maljure, Sanjay
Sent: Wednesday, January 24, 2001 3:32 PM
Cc: ccielab@groupstudy.com
Subject: RE: Destination NAT....(Back to basics)
Hi everyone
Please help me with a couple of questions.....
1. When does the routing decision occur? before or after NAT????
2. How about for inside source address NATing? before or after?
3. How about for outside source address NATing? before or after?
Can't get to my test lab right now. So any help would be appreciated.
Also forgive the atrocious english. How does one apply for a poetic
license?
Thanks for your time
Sanjay
-----Original Message-----
From: Brian Hescock [mailto:bhescock@cisco.com]
Sent: Wednesday, January 24, 2001 3:25 PM
To: Maljure, Sanjay
Cc: ccielab@groupstudy.com
Subject: RE: Destination NAT....
Sanjay,
I'm in the middle of a class right now but check a couple of the docs
and you should find what you need. I've used the docs to set it up for
an
internal lab I developed and it worked, although overlapping ip
addresses
with nat is rather confusing. If I remember correctly there's one key
stumbling block that you can run into with the static route you need to
add (I believe it was a matter of what you point it to, it's not what
you
think).
Let me know if you don't get it working and I can check after class, I
can
send you that portion of the lab, which includes the working config.
B.
On Wed, 24 Jan 2001, Maljure, Sanjay wrote:
> Hi Brian
> I did look at the documents describing the "overlapping with NAT " I
> think what I am trying to do is exactly the same as the 'overlapping'
> case except for the DNS part. And not having DNS should not really
> matter.
> None of the documents that I looked at gave a sample script for doing
> this using static IP addresses. One document that I looked in to used
> 'inside source list..' and 'outside source list...' to do it as they
> were translating entire subnets.
> So I am thinking 'inside source static' and 'outside source static'
will
> do the trick for me.
> What do you think?
> Thanks
>
> Sanjay Maljure
> CCIE# 6286
> Enterprise Systems Consultant
> Ciber, Inc.
>
> Tel - 732.225.1700
> Fax - 732.225.1973
>
>
> -----Original Message-----
> From: Brian Hescock [mailto:bhescock@cisco.com]
> Sent: Wednesday, January 24, 2001 2:51 PM
> To: Maljure, Sanjay
> Cc: ccielab@groupstudy.com
> Subject: Re: Destination NAT....
>
>
> Sounds like you want to do NAT with overlapping ip addresses. Do a
> search
> on CCO on "NAT and overlapping"
>
> Brian
>
> On Wed, 24 Jan 2001, Maljure, Sanjay wrote:
>
> >
> > Hi
> > I thought I knew this stuff but I am beginning to see these funny
> gnomes
> > flying around....so please help
> > What I need to do:
> >
> > I have an IP packet
> > SIP=10.190.9.20
> > DIP=10.190.29.111
> >
> > I need to NAT this so that
> >
> > SIP=172.30.43.111
> > DIP=172.31.21.112
> >
> > And all these IP addresses are fixed which means I got to do static
> NAT
> >
> > I am using a 2500 with "full NAT" feature set
> >
> > NATing the source IP addresses can be done with "ip nat inside
source
> > static....."
> > How do I take care of the destination IP address NATing? ("ip nat
> > outside source static...." will work????)
> >
> > Thanks for your time
> > Sanjay
> >
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:27:42 GMT-3