From: Bill Wharton (bill_wharton@mailhost.cjb.net)
Date: Thu Dec 14 2006 - 14:46:36 ART
Only with using nat (inside) 0 command, you're using Identity NAT which
means only the inside interface would be able to initiate the communications
and once it has, then outside hosts can reach the inside host with NATTINg.
However, if you want either side to be able to initiate communication then
you need Exemption NAT this way:
access-list nonat permit ip 10.1.1.0 255.255.255.0 any
nat (inside) 0 access-list nonat
NAT exemption is where the firewall responds with proxy arp's
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of V
Shekhar
Sent: Thursday, December 14, 2006 5:54 AM
To: Groupstudy; Cisco certification
Subject: NAT Exemption
I was trying out the NAT exemption scenarios.
I have a Q in this regard.
Do we really have to use "static" wlong with NAT 0?
I thought Just by adding the NAT 0 the outside inteerface would reply for
arp queries for the internal host.
any working config would be of help.
Thanx.
-sHekHar.
This archive was generated by hypermail 2.1.4 : Tue Jan 02 2007 - 07:50:38 ART