From: Richard Dumoulin (richard.dumoulin@vanco.es)
Date: Tue Jul 13 2004 - 18:14:46 GMT-3
I think I have it clear.
Suppose a small Cisco router to access the Internet where your provider
gives you only 1 IP address.
And you need two things because your boss has asked you:
1- Access the Internet from the inside --> which means you need PAT
(overload)
2- You have a mail server inside and you need the outside to access it (let
s forget Security)
So you need two kinds of NAT
ip nat inside source list 1 interface Dialer1 overload
ip nat inside source static udp 192.168.18.1 25 191.55.55.55 25 extendable
access-list 1 permit 192.168.18.0 0.0.0.255
The first is to access the Internet form inside.
The second one to access the mail server from outside.
This is the ambiguity Cisco talks about on the previous paper. You could add
another line for POP3 also,
--Richard
-----Original Message-----
From: Richard Dumoulin
Sent: martes, 13 de julio de 2004 22:46
To: Cooper, David; CCIE LAB List
Subject: RE: Nat Expandable
David, I am not sure because I have not used it often, but I believe it
tells NAT to look into TCP/UDP header vs only IP header info,
--Richard
-----Original Message-----
From: Cooper, David [mailto:CooperD@netsolve.com]
Sent: martes, 13 de julio de 2004 19:57
To: CCIE LAB List
Subject: Nat Expandable
Can anyone tell me what the expandable command at the end of an IP NAT
inside/outside actually does? I can not find any good references on Cisco
and it seems to be a fairly new command. Thanks!
-David
This archive was generated by hypermail 2.1.4 : Sun Aug 01 2004 - 10:11:54 GMT-3