[nsp] NAT question
Sean Mathias
seanm at prosolve.com
Mon Feb 2 16:51:42 EST 2004
Well, on a PIX you would use the fixup protocol dns 53 and alias
commands to perform DNS doctoring. I don't know that this functionality
exists in IOS. If it does, I would be interested in knowing which
feature set implements it.
Sean Mathias
CCIE# 12779
206-920-0301
seanm at prosolve.com
-----Original Message-----
From: Jay Nakamura [mailto:jnakamur at kiva.net]
Sent: Monday, February 02, 2004 12:53 PM
To: Cisco List
Subject: [nsp] NAT question
I have a quick question on NAT that I haven't found the answer to.
Let's say I have the following configuration,
interface FastEthernet0/1
ip address 10.0.0.2 255.255.255.0
ip nat inside
!
interface FastEthernet0/2
ip address 10.0.1.1 255.255.255.0
ip nat outside
!
ip nat inside source list 101 interface FastEthernet0/2 overload ip nat
inside source static tcp 10.0.0.1 80 10.0.10.1 80 extendable access-list
101 permit ip 10.0.0.0 0.0.0.255 any ip route 0.0.0.0 0.0.0.0 10.0.1.2
Let's say 10.0.0.1 is a web server, 10.0.10.1 has the DNS www.foobar.com
Now, the issue is, the users inside would like to connect to the web
server at 10.0.0.1 but use www.foobar.com as the address.
Well, that doesn't work from inside the network since www.foobar.com
will resolve to 10.0.10.1, and NAT gets confused when it hits the
router. (At least my test bed router does, running 12.2(17a))
Is there a way to configure NAT so you can get to 10.0.10.1 from the
inside network?
TIA,
-Jay
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list