From: kelly@cliffhanger.com
Date: Fri Sep 28 2007 - 14:18:18 ART
Policy routing ...
Create a NAT config for the reply traffic using a
route map and apply it to a "local policy".
! global config mode :
ip local policy route-map <route-map-name>
Configuring Policy-Based Routing
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fqos_c/fqcprt1/qcfpbr.htm
Quoting CCIEin2006 <ciscocciein2006@gmail.com>:
Hello Experts,
Is it possible to NAT the destination address for traffic locally generated
on a router?
Let's say you wanted to play a mean trick on your co-workers, and have them
think they're telnetting into one router only to be
redirected to another router because the destination address is NAT'd.
In the example below you are doing a telnet from R1 to IP 5.5.5.5 which is
NAT'd to 2.2.2.2 (IP of R2)
(R1)----------(R2)
1.1.1.1       2.2.2.2
Here's the problem I'm seeing:
1.1.1.1 ----> 5.5.5.5 ->(NAT'd to 2.2.2.2)
1.1.1.1 <--- 2.2.2.2 (Not being NAT'd back)
I tried testing this but the problem is that the return traffic is not being
NAT'd back to the original address.
I see the SYN ACK come back from R2 with a source of 2.2.2.2 but it does not
get NAT'd back to 5.5.5.5.
Meanwhile R1 thinks this is traffic from a different session and sends a
RST.
Is there any way to get this to work? I tried all kinds of policy based
routing but to no avail...
Thanks,
Nick
_______________________________________________________________________
Subscription information may be found at:
http://www.groupstudy.com/list/CCIELab.html
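The failure described in the question, as an added example that is not part of the original thread: a toy Python model of R1's TCP socket lookup, showing why an untranslated SYN ACK from 2.2.2.2 is answered with a RST and why restoring the source to 5.5.5.5 fixes it. The addresses are the thread's; the port numbers and all function names are constructed for illustration, and this models the logic only, not IOS internals.

```python
# Added illustration (not from the thread): toy model of R1's NAT and TCP
# demultiplexing. Addresses are the thread's; port numbers are constructed.
from typing import NamedTuple

class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int
    flags: str

# Static destination mapping from the question: 5.5.5.5 is rewritten to 2.2.2.2.
DNAT = {"5.5.5.5": "2.2.2.2"}
REVERSE = {real: alias for alias, real in DNAT.items()}

def translate_out(pkt: Packet) -> Packet:
    """Outbound direction: rewrite the destination address."""
    return pkt._replace(dst=DNAT.get(pkt.dst, pkt.dst))

def translate_in(pkt: Packet) -> Packet:
    """Return direction: restore the address the local socket connected to."""
    return pkt._replace(src=REVERSE.get(pkt.src, pkt.src))

def tcp_demux(sockets: set, pkt: Packet) -> str:
    """R1's TCP layer: a segment must match an open socket's 4-tuple."""
    key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)  # (local, lport, remote, rport)
    return "ACCEPT" if key in sockets else "RST"

def telnet_attempt(reply_is_translated: bool):
    # R1 opens a socket toward the alias address 5.5.5.5 (source port constructed).
    sockets = {("1.1.1.1", 40000, "5.5.5.5", 23)}
    syn = translate_out(Packet("1.1.1.1", 40000, "5.5.5.5", 23, "SYN"))
    # R2 answers from its real address, as observed in the thread.
    syn_ack = Packet(syn.dst, syn.dport, syn.src, syn.sport, "SYN-ACK")
    if reply_is_translated:
        syn_ack = translate_in(syn_ack)
    return syn.dst, syn_ack.src, tcp_demux(sockets, syn_ack)

if __name__ == "__main__":
    print("reply not translated:", telnet_attempt(False))
    print("reply translated    :", telnet_attempt(True))
```

The same 4-tuple mismatch is what to look for in a packet capture when a one-way translation is suspected: a SYN ACK arriving from an address the client never dialed, followed immediately by the client's RST.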