From: Guyler, Rik (rguyler@shp-dayton.org)
Date: Wed Aug 02 2006 - 23:39:15 ART
San, here's the support page for NAT. A little bit of reading and you'll
know all there is to know about NAT... ;-)
//www.cisco.com/en/US/customer/tech/tk648/tk361/tk438/tsd_technology_support
_sub-protocol_home.html
Rik
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of san
Sent: Wednesday, August 02, 2006 5:28 PM
To: Cisco certification
Subject: NAT scenario and understanding question
Hi,
I have a trouble understanding NAT. and decide on what to apply inside
destination or outside destination....etc..
( I understand what happens with " inside source" translations.)
Can you Please pass me a reference or guide on how to choose NAT
translations . ?
Can you also look at the below question and explain why did they choose
inside source ?, while the 54.1.8.6 and 192.10.1.112 are destination
addresses ?
This question is taken from IE WB 16, section 11.1
Question:
Further monitoring of R6 has shown that most of the brute force attacks are
going to the IP address of the interfaces connected to BB1 and BB3. In
order to distract hackers and analyze their attack techniques your security
team has installed a honeypot terminatl in vlan16 with a blank root passwd.
Configure R6 so that all telnet and SSH requests sent to its outside
interfaces are redirected to the honey pot.
This machines ip address is 192.10.1.112
interface GigabitEthernet0/0.16
ip nat inside
!
interface GigabitEthernet0/0.63
ip nat outside
!
interface Virtual-Template1
ip nat outside
!
ip nat inside source static tcp 192.10.1.112 22 54.1.8.6 22 extendable ip
nat inside source static tcp 192.10.1.112 23 54.1.8.6 23 extendable ip nat
inside source static tcp 192.10.1.112 22 204.12.1.6 22 extendable ip nat
inside source static tcp 192.10.1.112 23 204.12.1.6 23 extendable
-- Thanks & Rgds SAN
This archive was generated by hypermail 2.1.4 : Fri Sep 01 2006 - 15:41:55 ART