From: Joseph Brunner (joe@affirmedsystems.com)
Date: Tue Jun 17 2008 - 12:04:20 ART
you need to force the traffic on R2 travel thru an outside nat interface
thru the s0 inside nat interface...
ip access-list ext telnet
permit tcp any any eq 23
route-map telnet-permit
match ip address telnet
set interface loop1
int loop1
ip nat outside
ip local policy route-map telnet-permit
here we use local policy routing to control router originated traffic in
your solution.
Note: by default a router simply uses the outgoing interface, which in R2's
case will not trigger the outside->inside nat rule, as traffic simply leaves
the s0 nat inside interface, not having originated on an outside interface.
-Joe
Certified Nat expert #19366
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
David Lonnie
Sent: Tuesday, June 17, 2008 10:56 AM
To: ccielab@groupstudy.com
Subject: ip masquerading and ip accounting
Hi,experts:
I have a topology like this.
R1(e0)----------------(e0)R2(s0)---------------(s0)R3
R1: loopback0--->8.8.1.1/24
R2: loopback0--->8.8.2.2/24
R3: loopback0--->8.8.3.3/24
1.All telnet sessions originating from R1 and R2 to 8.8.2.254 will
result in a connection to 8.8.3.3.
2.Packets with translated address will be counted.
This is my solution:
R2:
ip nat inside source static tcp 8.8.3.3 23 8.8.2.254 23 extendable
interface s0
ip nat inside
interface e0
ip nat outside
on R1,i telnet 8.8.2.254,it's OK.But on R2, i telnet 8.8.2.254, i doesn't
work.
My question is how to configure so that i can telnet from R2.
in my opinion,the translation is that,packets sourced from 8.8.3.3 will
be translated to 8.8.2.254 when they outbound s0 interface of R2.so
the translated address is 8.8.2.254. i configurate like this:
R2:
ip accounting-list 8.8.2.254 0.0.0.0
interface s0
ip accounting output-packets
Is this correct?
Thanks in advance for any advice.
David
This archive was generated by hypermail 2.1.4 : Tue Jul 01 2008 - 06:23:22 ART