[nsp] Destination NAT
Gerald Krause
gk at pop-interactive.de
Tue Feb 3 19:24:37 EST 2004
I try to find a solution for some kind of proxy forcing environment with NAT
like this:
initial ip packet generated ip packet
----------------- -------------------
inside outside
192.168.0.1 -> www.foo.bar(x.x.x.x) ----- [ROUTER] ----- 192.168.0.1 -> 1.2.3.4
192.168.0.2 -> www.tofoo.bar(y.y.y.y) ----- [ROUTER] ----- 192.168.0.2 -> 1.2.3.4
192.168.0.3 -> www.footo.bar(z.z.z.z) ----- [ROUTER] ----- 192.168.0.3 -> 1.2.3.4
...
192.168.0.x -> ?.?.?.? ----- [ROUTER] ----- 192.168.0.x -> 1.2.3.4
Or maybe with double NAT:
initial ip packet interim ip packet generated ip packet
----------------- ----------------- -------------------
inside outside
----- [ROUTER] -----
192.168.0.1 -> www.foo.bar(x.x.x.x) loopback 0 -> (x.x.x.x) loopback 0 -> 1.2.3.4
192.168.0.2 -> www.tofoo.bar(y.y.y.y) loopback 0 -> (y.y.y.y) loopback 0 -> 1.2.3.4
...
My first thought was about creating two NAT statements...
1) 192.168.0.x -> loopback 0 overload
2) loobback 0 -> 1.2.3.4
...but after some tests I realize that this won't work.
I have search a lot of cisco doc's for such a "fixed destination address translation"
without success. Have someone out there an idea? Or is this really a very bad way?
Thx,
Gerald
More information about the cisco-nsp
mailing list