[c-nsp] Doubt Cisco NAT
David Prall
dcp at dcptech.com
Thu Aug 31 10:25:10 EDT 2006
Everton,
Are you sure the outside netmask is correct. You can only have 2 address on
the outside interface. One has to be the local address and the other the
next-hop, so you don't have an address to nat to outside the physical
interface.
David
--
David C Prall dcp at dcptech.com http://dcp.dcptech.com
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Everton Diniz
> Sent: Monday, August 28, 2006 10:33 AM
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] Doubt Cisco NAT
>
> I want to do a NAT where a host on the internet access the
> server on my
> network.
>
> interface FastEthernet0/0
> ip address 200.162.xx.xx 255.255.255.252
> ip nat outside
> no ip mroute-cache
> duplex auto
> speed auto
> no cdp enable
>
> interface FastEthernet0/1
> ip address 10.90.4.5 255.255.255.252
> no ip redirects
> no ip unreachables
> no ip proxy-arp
> ip nat inside
> no ip mroute-cache
> duplex auto
> speed auto
> no cdp enable
>
> ip nat inside source static 10.90.3.2 200.162.xx.xy
> ip route 10.90.3.0 255.255.255.224 10.90.4.6
>
> The syntax for the NAT config is correct??
> ip nat inside source static <IP Inside network> <IP that
> users outside know>
>
> I see this logs.
> Aug 28 14:29:53: NAT: o: tcp (200.162.xx.zz, 60402) ->
> (200.162.xx.xy, 80)
> [1929]
> Aug 28 14:29:53: NAT: s=200.162.xx.zz,
> d=200.162.xx.xy->10.90.3.2 [1929]
>
> Tks,
>
> -Everton
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list