[nsp] stupid NAT tricks
Christopher J. Wolff
chris at bblabs.com
Sun Feb 29 13:43:00 EST 2004
Gert,
Thank you for the clarification. Wouldn't I want to give the client inside
the 'ip nat inside' interface a static non-routable IP and then exclude that
client from the NAT ACL?
Regards,
Christopher J. Wolff, VP CIO
Broadband Laboratories, Inc.
http://www.bblabs.com
-----Original Message-----
From: Gert Doering [mailto:gert at greenie.muc.de]
Sent: Sunday, February 29, 2004 12:52 AM
To: Christopher J. Wolff
Cc: cisco-nsp at puck.nether.net
Subject: Re: [nsp] stupid NAT tricks
Hi,
On Sat, Feb 28, 2004 at 11:55:57PM -0700, Christopher J. Wolff wrote:
> set up a static route however it appears that the devices behind the
router
> A subinterface want to use the NAT pool even if there is a static route
> between the two devices.
NAT or not has nothing to do with static routes. The router will NAT if
a packet comes in via an "ip nat inside" interface, leaves via an
"ip nat outside" interface, and the access-list (or route-map) matches.
So in your case it should work to exclude "File Server" from the NAT ACL.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany
gert at greenie.muc.de
fax: +49-89-35655025
gert at net.informatik.tu-muenchen.de
More information about the cisco-nsp
mailing list