[nsp] NAT question

Sean Mathias seanm at prosolve.com
Mon Feb 2 16:51:42 EST 2004

Well, on a PIX you would use the fixup protocol dns 53 and alias
commands to perform DNS doctoring.  I don't know that this functionality
exists in IOS.  If it does, I would be interested in knowing which
feature set implements it.

Sean Mathias
CCIE# 12779
seanm at prosolve.com

-----Original Message-----
From: Jay Nakamura [mailto:jnakamur at kiva.net] 
Sent: Monday, February 02, 2004 12:53 PM
To: Cisco List
Subject: [nsp] NAT question

I have a quick question on NAT that I haven't found the answer to.

Let's say I have the following configuration,

interface FastEthernet0/1
 ip address
 ip nat inside
interface FastEthernet0/2
 ip address
 ip nat outside
ip nat inside source list 101 interface FastEthernet0/2 overload ip nat
inside source static tcp 80 80 extendable access-list
101 permit ip any ip route

Let's say is a web server, has the DNS www.foobar.com

Now, the issue is, the users inside would like to connect to the web
server at but use www.foobar.com as the address.

Well, that doesn't work from inside the network since www.foobar.com
will resolve to, and NAT gets confused when it hits the
router.  (At least my test bed router does, running 12.2(17a))

Is there a way to configure NAT so you can get to from the
inside network?



cisco-nsp mailing list  cisco-nsp at puck.nether.net
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list