Hello Dale,
If you ever run into forwarding port ranges on a cisco, you may wanna
check this out :
hxxp://slaptijack.com/networking/cisco-nat-and-port-range-stupidity/
;)
On Mon, May 18, 2009 at 2:38 PM, Sadiq Yakasai <sadiqtanko_at_gmail.com> wrote:
> Or trying going through the INE Sec material - end of 2 weeks doing NAT, you
> would be the NAT king Dale! (thats a promise) ;-)
>
>
>
> On Mon, May 18, 2009 at 12:01 PM, Salah ElShekeil <salah.elshekeil_at_gmail.com
>> wrote:
>
>> Hi Dale,
>>
>> I used TCP/IP book, and VOL 1 ver 5.0
>>
>> in Ver 5.0 u will find a lot of examples :)
>>
>> Good luck
>>
>>
>> On Mon, May 18, 2009 at 12:43 PM, Dale Shaw <dale.shaw_at_gmail.com> wrote:
>>
>> > Hi all,
>> >
>> > I really dislike IOS NAT. Reeeaaallly dislike it. I cut my teeth on
>> > NAT on Linux and BSD and it just seems to make so much more sense to
>> > me on those systems.
>> >
>> > The "inside local", "inside global", "outside local" and "outside
>> > global" concepts -- why, Cisco? Whhhhhy? And it's just as
>> > brain-destroying on PIX/ASA, if you ask me.
>> >
>> > Anyway, I could whinge and moan about Cisco's implementation all day
>> > long, but that's not going to help. Essentially, I'd like to become
>> > much better at identifying and applying solutions to NAT scenarios
>> > with IOS.
>> >
>> > I've been setting up NAT on routers for years, and in the end, I can
>> > always make it work. For trickier configurations, sure, it takes
>> > longer, but I get there. As we all know, though, there's no time for
>> > trial and error in the exam room. I want to be able to look at a NAT
>> > task and immediately know which interface(s) should be 'inside' and
>> > which interface(s) should be 'outside', which of the many NAT
>> > configuration options will get the job done, and what "gotchyas" each
>> > method comes packaged with (e.g. when static routes are required).
>> >
>> > Don't get me wrong, I understand how a packet can be transformed by a
>> > NAT, it's really just gaining a deeper understanding of Cisco's
>> > implementation.
>> >
>> > So, I guess I'm happy to hear what study material helped you really
>> > 'get' NAT - DocCD links, other Cisco.com articles, books, workbooks,
>> > whatever - but I'm more interested in the way you approach NAT tasks
>> > in terms of logic, strategy and troubleshooting. I personally haven't
>> > found a resource yet that gives me the background theory I require to
>> > get the most out of practice labs.
>> >
>> > cheers,
>> > Dale
>> >
>> >
>> > Blogs and organic groups at http://www.ccie.net
>> >
>> > _______________________________________________________________________
>> > Subscription information may be found at:
>> > http://www.groupstudy.com/list/CCIELab.html
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>> >
>>
>>
>> --
>> Salah
>> CCIE# 24207
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>>
>>
>>
>>
>>
>>
>
>
> --
> CCIE #19963
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Mon May 18 2009 - 14:47:58 ART
This archive was generated by hypermail 2.2.0 : Mon Jun 01 2009 - 07:04:43 ART