[nsp] stupid NAT tricks

Christopher J. Wolff chris at bblabs.com
Sun Feb 29 13:43:00 EST 2004


Thank you for the clarification.  Wouldn't I want to give the client inside
the 'ip nat inside' interface a static non-routable IP and then exclude that
client from the NAT ACL?  

Christopher J. Wolff, VP CIO
Broadband Laboratories, Inc.
-----Original Message-----
From: Gert Doering [mailto:gert at greenie.muc.de] 
Sent: Sunday, February 29, 2004 12:52 AM
To: Christopher J. Wolff
Cc: cisco-nsp at puck.nether.net
Subject: Re: [nsp] stupid NAT tricks


On Sat, Feb 28, 2004 at 11:55:57PM -0700, Christopher J. Wolff wrote:
> set up a static route however it appears that the devices behind the
> A subinterface want to use the NAT pool even if there is a static route
> between the two devices.

NAT or not has nothing to do with static routes.  The router will NAT if 
a packet comes in via an "ip nat inside" interface, leaves via an
"ip nat outside" interface, and the access-list (or route-map) matches.

So in your case it should work to exclude "File Server" from the NAT ACL.

USENET is *not* the non-clickable part of WWW!
Gert Doering - Munich, Germany
gert at greenie.muc.de
fax: +49-89-35655025
gert at net.informatik.tu-muenchen.de

More information about the cisco-nsp mailing list