[nsp] stupid NAT tricks
Stephen J. Wilcox
steve at telecomplete.co.uk
Sun Feb 29 10:30:25 EST 2004
On Sat, 28 Feb 2004, Christopher J. Wolff wrote:
> I have a Ethernet sub interface on router A that uses an overloaded NAT pool
> for internet access. I have another Ethernet sub interface on router B
> (connected to A) that has a server I want a device on subinterface router A
> to connect to. However I don't want it to use the overloaded nat pool. I
> set up a static route however it appears that the devices behind the router
> A subinterface want to use the NAT pool even if there is a static route
> between the two devices.
Perhaps I'm misunderstanding.. if the server isnt in the A-interface then it
wont be subject to being NATed, if a device on A tries to connect to the server
on B it shouldnt be NATed either, assuming that you havent defined the B
interface as a 'nat outside'.
(Also, as Gert says, the static route has nothing to do with how NAT operates.
If there is a reason why this is being NATed other than misconfiguration then
you can modify your acl to exclude the translation or if its complicated use a
route-map with more sophisticated acls on)
> Here's what it looks like
> Router A---------LAN------------Router B
> | |
> NAT pool A------------| File Server
> | |
> Subint 10.0.0.1/24 |
> Any suggestions would be appreciated. I read something on the cisco site
> about a 'no-payload' statement which seemed to apply to this situation but
> it wasn't clear how. Thank you.
> Christopher J. Wolff, VP CIO
> Broadband Laboratories, Inc.
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp