Re: How to make this NAT work

From: Darby Weaver (darbyweaver@yahoo.com)
Date: Mon Apr 30 2007 - 23:50:37 ART

• Previous message: edassery@gmail.com: "ANY BODY FOR CCIE R&S LAB IN BANGALORE ON 19 MAY 2007"
• Maybe in reply to: iyux2000@gmail.com: "How to make this NAT work"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

iyux2000,

Why would you want the router, R3, in this case, to
reach itself on 1.1.2.100 via port 80 for the internal
ip address/socket of 1.1.1.1 port 80?

Now suppose you did want to do this and you actually
HAVE a need to do do this, the next question is CAN
you do this?

Hmm....

Let me think on this a minute.

Now what other restrictions are you given?

You see I happen to have this wonderfully constructed
configuration that we use in production that seems to
do a bit of what you are asking for...

It is perplexing, but it also works.

The concept is that we drop a single router with a
single FastEthernet port into a given network (there
are other ports on the device - think 831/871 SOHO for
a moment).

Now remember, in order for NAT to work, the technology
only implies we need an inside interface and an
outside interface.

Does it say what these interfaces have to be?

Or better yet, does it restrict what they cannot be?

Help me here, I'd like to know that you can get your
mind around the solution I am going to offer you, but
only if you can tell me you understand the
fundamentals of what it is you are asking.

Otherwise, I might be inclined to think you were just
asking a single question in order to simply memorize
it...

Oh yes, and does an interfaces have to be physical or
can it be logical or can it be subinterface...

Answer my questions, and I'll give yiu the rest of "a
soluion" to this intriguing query of yours, please.

Oh and one more: Can you perform NAT on a single
physical interface on a given router in the first
place?

Not meaning to make you mad, but instead asking you to
think a bit.

Of course, some may simply want the "feed me now
answer", but that is not who asked the question right.

:)

--- iyux2000@gmail.com wrote:

> Hi group,
>
> I try to statically map inside local to inside
> global address, for example, i configured NAT on R3
> by using "ip nat inside source static tcp 1.1.1.1 80
> 1.1.2.100 80 extendable". The outside world can
> access 1.1.2.100 with port 80, however my question
> is that how to make R3 itself to access 1.1.2.100
> with port 80? Possible PBR ?
>
> Thank you for your reply.
>
>

• Previous message: edassery@gmail.com: "ANY BODY FOR CCIE R&S LAB IN BANGALORE ON 19 MAY 2007"
• Maybe in reply to: iyux2000@gmail.com: "How to make this NAT work"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue May 01 2007 - 08:28:38 ART