From: Brian Hescock (bhescock@xxxxxxxxx)
Date: Mon Sep 17 2001 - 16:04:55 GMT-3
Use an extended access-list in your "ip nat inside source list" or "ip
nat outside source list" command. You can say I only want ftp traffic
from 10.1.1.1 to be translated and only web traffic from 10.2.2.2 to be
translated and nothing else. The extended access-list is what specifies
who can be translated and for what type of traffic.
Brian
Wade Edwards wrote:
>I am having a problem with NAT that I would like to get cleared up.
>
>>From my understanding of how NAT works on a Cisco router is that you can
>specify a range of IP addresses to NAT to, traffic to NAT and inside and
>outside interfaces.
>
>The problem I am having is that I need only certain traffic to be
>translated and not everything from those IP addresses.
>
>I am using a pool of address to NAT to and once the router sees traffic
>from the source IP addresses to the destination IP addresses the source
>IP addresses get placed in the NAT translation table and from then on
>ALL traffic get translated to that IP address and not just the traffic
>(i.e. source and destination) specified in the access-list.
>
>Am I missing something like an IOS issue or do I not understand what the
>access-list is used for in the NAT command.
>
>Thanks for your help.
>**Please read:http://www.groupstudy.com/list/posting.html
**Please read:http://www.groupstudy.com/list/posting.html
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:32:19 GMT-3