[nsp] NAT question

Bruce Pinsky bep at whack.org
Mon Feb 2 17:21:58 EST 2004

Hash: SHA1

Jay Nakamura wrote:

| I have a quick question on NAT that I haven't found the answer to.
| Let's say I have the following configuration,
| interface FastEthernet0/1
|  ip address
|  ip nat inside
| !
| interface FastEthernet0/2
|  ip address
|  ip nat outside
| !
| ip nat inside source list 101 interface FastEthernet0/2 overload
| ip nat inside source static tcp 80 80 extendable
| access-list 101 permit ip any
| ip route
| Let's say is a web server, has the DNS www.foobar.com
| Now, the issue is, the users inside would like to connect to the web server
| at but use www.foobar.com as the address.
| Well, that doesn't work from inside the network since www.foobar.com will
| resolve to, and NAT gets confused when it hits the router.  (At
| least my test bed router does, running 12.2(17a))
| Is there a way to configure NAT so you can get to from the inside
| network?

Why not solve this with DNS?  If you are running BIND 8.x or 9.x you should
be able to use views to provide different IP address resolution to the
hosts inside vs the hosts outside your network.

- --

Version: GnuPG v1.2.2 (MingW32)


More information about the cisco-nsp mailing list