Re: Are you an IOS NAT expert?

This is the more appropriate link :)

http://slaptijack.com/networking/cisco-nat-and-port-range-resolution/

On Mon, May 18, 2009 at 2:47 PM, Damian Higgins <linnewbye_at_gmail.com> wrote:

> Hello Dale,
>
> If you ever run into forwarding port ranges on a cisco, you may wanna
> check this out :
> hxxp://slaptijack.com/networking/cisco-nat-and-port-range-stupidity/
> ;)
>
> On Mon, May 18, 2009 at 2:38 PM, Sadiq Yakasai <sadiqtanko_at_gmail.com>
> wrote:
> > Or trying going through the INE Sec material - end of 2 weeks doing NAT,
> you
> > would be the NAT king Dale! (thats a promise) ;-)
> >
> >
> >
> > On Mon, May 18, 2009 at 12:01 PM, Salah ElShekeil <
> salah.elshekeil_at_gmail.com
> >> wrote:
> >
> >> Hi Dale,
> >>
> >> I used TCP/IP book, and VOL 1 ver 5.0
> >>
> >> in Ver 5.0 u will find a lot of examples :)
> >>
> >> Good luck
> >>
> >>
> >> On Mon, May 18, 2009 at 12:43 PM, Dale Shaw <dale.shaw_at_gmail.com>
> wrote:
> >>
> >> > Hi all,
> >> >
> >> > I really dislike IOS NAT. Reeeaaallly dislike it. I cut my teeth on
> >> > NAT on Linux and BSD and it just seems to make so much more sense to
> >> > me on those systems.
> >> >
> >> > The "inside local", "inside global", "outside local" and "outside
> >> > global" concepts -- why, Cisco? Whhhhhy? And it's just as
> >> > brain-destroying on PIX/ASA, if you ask me.
> >> >
> >> > Anyway, I could whinge and moan about Cisco's implementation all day
> >> > long, but that's not going to help. Essentially, I'd like to become
> >> > much better at identifying and applying solutions to NAT scenarios
> >> > with IOS.
> >> >
> >> > I've been setting up NAT on routers for years, and in the end, I can
> >> > always make it work. For trickier configurations, sure, it takes
> >> > longer, but I get there. As we all know, though, there's no time for
> >> > trial and error in the exam room. I want to be able to look at a NAT
> >> > task and immediately know which interface(s) should be 'inside' and
> >> > which interface(s) should be 'outside', which of the many NAT
> >> > configuration options will get the job done, and what "gotchyas" each
> >> > method comes packaged with (e.g. when static routes are required).
> >> >
> >> > Don't get me wrong, I understand how a packet can be transformed by a
> >> > NAT, it's really just gaining a deeper understanding of Cisco's
> >> > implementation.
> >> >
> >> > So, I guess I'm happy to hear what study material helped you really
> >> > 'get' NAT - DocCD links, other Cisco.com articles, books, workbooks,
> >> > whatever - but I'm more interested in the way you approach NAT tasks
> >> > in terms of logic, strategy and troubleshooting. I personally haven't
> >> > found a resource yet that gives me the background theory I require to
> >> > get the most out of practice labs.
> >> >
> >> > cheers,
> >> > Dale
> >> >
> >> >
> >> > Blogs and organic groups at http://www.ccie.net
> >> >
> >> >
> _______________________________________________________________________
> >> > Subscription information may be found at:
> >> > http://www.groupstudy.com/list/CCIELab.html
> >> >
> >> >
> >> >
> >> >
> >> >
> >> >
> >> >
> >> >
> >>
> >>
> >> --
> >> Salah
> >> CCIE# 24207
> >>
> >>
> >> Blogs and organic groups at http://www.ccie.net
> >>
> >> _______________________________________________________________________
> >> Subscription information may be found at:
> >> http://www.groupstudy.com/list/CCIELab.html
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >
> >
> > --
> > CCIE #19963
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Tue May 19 2009 - 09:28:09 ART