From: Brian McGahan (bmcgahan@internetworkexpert.com)
Date: Mon Jun 07 2004 - 22:11:31 GMT-3
To keep the configuration more modular you can also reference a
route-map. I.e. "ip nat inside source route-map X interface ethernet0
overload"
HTH,
Brian McGahan, CCIE #8593
bmcgahan@internetworkexpert.com
Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987 x 705
Outside US: 775-826-4344 x 705
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
Of
> Kenneth Wygand
> Sent: Monday, June 07, 2004 3:34 PM
> To: John Underhill; ccielab@groupstudy.com
> Subject: RE: NAT/vpn
>
> John,
>
> Sure, just use NAT that references an extended ACL matching the
criteria
> you wish to NAT.
>
>
http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123tcr/1
> 23tip1r/ip1_i2gt.htm#wp1144598
>
> Kenneth E. Wygand
> Systems Engineer, Project Services
> CISSP #37102, CCNP, CCDP, ACSP, Cisco IPT Design Specialist, MCP, CNA,
> Network+, A+
> Custom Computer Specialists, Inc.
> "The only unattainable goal is the one not attempted."
> -Anonymous
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
Of
> John Underhill
> Sent: Monday, June 07, 2004 4:15 PM
> To: ccielab@groupstudy.com
> Subject: NAT/vpn
>
> Is there a way to selectively NAT an address space based on
destination
> address, even if the traffic will transit the same interface? I want
to
> configure the network so that traffic bound for spokes in a frame
cloud
> retain
> their private address and are sent through a vpn, but if the
destination
> address is public then they are oveloaded onto a range of public
> addresses.
> I'm thinking this would be easy if they didn't transit the same
> interface, but
> maybe it can be done with a route map somehow? Any ideas?
>
>
This archive was generated by hypermail 2.1.4 : Sat Jul 03 2004 - 19:40:34 GMT-3