[nsp] stupid NAT tricks
Christopher J. Wolff
chris at bblabs.com
Sun Feb 29 14:03:06 EST 2004
You have a good point sir. I suppose I've never thought of using the NAT
ACL to control what destination can be NAT'ed to, I've only thought of it in
the context of which nat inside hosts get access to the internet.
Christopher J. Wolff, VP CIO
Broadband Laboratories, Inc.
From: Gert Doering [mailto:gert at greenie.muc.de]
Sent: Sunday, February 29, 2004 11:49 AM
To: Christopher J. Wolff
Cc: 'Gert Doering'; cisco-nsp at puck.nether.net
Subject: Re: [nsp] stupid NAT tricks
On Sun, Feb 29, 2004 at 11:43:00AM -0700, Christopher J. Wolff wrote:
> Thank you for the clarification. Wouldn't I want to give the client
> the 'ip nat inside' interface a static non-routable IP and then exclude
> client from the NAT ACL?
I don't fully grok that question.
If the IP is non-routeable, and you exclude it from NAT, what do you gain?
USENET is *not* the non-clickable part of WWW!
Gert Doering - Munich, Germany
gert at greenie.muc.de
gert at net.informatik.tu-muenchen.de
More information about the cisco-nsp