[nsp] NAT question

Jay Nakamura jnakamur at kiva.net
Mon Feb 2 15:52:39 EST 2004


I have a quick question on NAT that I haven't found the answer to.

Let's say I have the following configuration,

interface FastEthernet0/1
 ip address 10.0.0.2 255.255.255.0
 ip nat inside
!
interface FastEthernet0/2
 ip address 10.0.1.1 255.255.255.0
 ip nat outside
!
ip nat inside source list 101 interface FastEthernet0/2 overload
ip nat inside source static tcp 10.0.0.1 80 10.0.10.1 80 extendable
access-list 101 permit ip 10.0.0.0 0.0.0.255 any
ip route 0.0.0.0 0.0.0.0 10.0.1.2

Let's say 10.0.0.1 is a web server, 10.0.10.1 has the DNS www.foobar.com

Now, the issue is, the users inside would like to connect to the web server
at 10.0.0.1 but use www.foobar.com as the address.

Well, that doesn't work from inside the network since www.foobar.com will
resolve to 10.0.10.1, and NAT gets confused when it hits the router.  (At
least my test bed router does, running 12.2(17a))

Is there a way to configure NAT so you can get to 10.0.10.1 from the inside
network?

TIA,

-Jay



More information about the cisco-nsp mailing list