[nsp] Cisco NAT for only some outside interfaces?

[John Vaughan]

I have a situation which was thrust upon me and I have not got the 
time/equipment to test it, so I need the benefit of the collective 
experience.

I have to move my network in a piece and stick it behind someone else's 
/28. To preserve my network IPs until we get our own connectivity, I'll be 
natting on my edge router to the /28 IPs. However, each of my other 
offices will have a standard gre tunnel interface to the edge router, and 
I intend to route all the 'internal' inter-office traffic over the tunnels.

My question is basically this:

I can appreciate setting the internal interfaces with 'ip nat inside' and 
the main outside interface as 'ip nat outside'. However, if I _don't_ put 
'ip nat outside' on my tunnel interfaces, will it do what I want and not 
NAT any traffic that it sends through the tunnels? If not, how do I make 
the traffic going to the tunnels not get translated while everything else 
going through the main interface does get translated?
I can see that if I have to do something clever, using route-maps would be 
the way to go, but I can't see how you'd say "depending on the 
_destination_ IP/interface, don't translate this traffic".



-- 
John