[nsp] stupid NAT tricks
Christopher J. Wolff
chris at bblabs.com
Sun Feb 29 13:43:00 EST 2004
Thank you for the clarification. Wouldn't I want to give the client inside
the 'ip nat inside' interface a static non-routable IP and then exclude that
client from the NAT ACL?
Christopher J. Wolff, VP CIO
Broadband Laboratories, Inc.
From: Gert Doering [mailto:gert at greenie.muc.de]
Sent: Sunday, February 29, 2004 12:52 AM
To: Christopher J. Wolff
Cc: cisco-nsp at puck.nether.net
Subject: Re: [nsp] stupid NAT tricks
On Sat, Feb 28, 2004 at 11:55:57PM -0700, Christopher J. Wolff wrote:
> set up a static route however it appears that the devices behind the
> A subinterface want to use the NAT pool even if there is a static route
> between the two devices.
NAT or not has nothing to do with static routes. The router will NAT if
a packet comes in via an "ip nat inside" interface, leaves via an
"ip nat outside" interface, and the access-list (or route-map) matches.
So in your case it should work to exclude "File Server" from the NAT ACL.
USENET is *not* the non-clickable part of WWW!
Gert Doering - Munich, Germany
gert at greenie.muc.de
gert at net.informatik.tu-muenchen.de
More information about the cisco-nsp