Re: Are you an IOS NAT expert?

Is Narbiks PDF freely distributable or is it part of a training package? I'd
love to get my hands on it if possible.

Michael

On Mon, May 18, 2009 at 1:24 PM, Joseph L. Brunner
<joe_at_affirmedsystems.com>wrote:

> Dale, I'll second the CCIE Security track as the final hurdle for Nat
> learning;
>
> Please pickup the ASA firewall handbook by Hucaby; it will clarify the
> concepts quite well like identity nat, Policy nat, nat exceptions, and such.
>
> I also passed ALL nat aspects of the CCIE R/S using
> 1. Wendell Odom's nat explanations and thought train in the R/S Written
> Certification guide
> 2. Mr. Narbiks PDF on NAT he has passed around quite a bit here... its like
> 200+ pages...
>
> -Joe
>
> -----Original Message-----
> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
> Dale Shaw
> Sent: Monday, May 18, 2009 5:44 AM
> To: Cisco certification
> Subject: Are you an IOS NAT expert?
>
> Hi all,
>
> I really dislike IOS NAT. Reeeaaallly dislike it. I cut my teeth on
> NAT on Linux and BSD and it just seems to make so much more sense to
> me on those systems.
>
> The "inside local", "inside global", "outside local" and "outside
> global" concepts -- why, Cisco? Whhhhhy? And it's just as
> brain-destroying on PIX/ASA, if you ask me.
>
> Anyway, I could whinge and moan about Cisco's implementation all day
> long, but that's not going to help. Essentially, I'd like to become
> much better at identifying and applying solutions to NAT scenarios
> with IOS.
>
> I've been setting up NAT on routers for years, and in the end, I can
> always make it work. For trickier configurations, sure, it takes
> longer, but I get there. As we all know, though, there's no time for
> trial and error in the exam room. I want to be able to look at a NAT
> task and immediately know which interface(s) should be 'inside' and
> which interface(s) should be 'outside', which of the many NAT
> configuration options will get the job done, and what "gotchyas" each
> method comes packaged with (e.g. when static routes are required).
>
> Don't get me wrong, I understand how a packet can be transformed by a
> NAT, it's really just gaining a deeper understanding of Cisco's
> implementation.
>
> So, I guess I'm happy to hear what study material helped you really
> 'get' NAT - DocCD links, other Cisco.com articles, books, workbooks,
> whatever - but I'm more interested in the way you approach NAT tasks
> in terms of logic, strategy and troubleshooting. I personally haven't
> found a resource yet that gives me the background theory I require to
> get the most out of practice labs.
>
> cheers,
> Dale
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Mon May 18 2009 - 14:01:42 ART