[c-nsp] nat issue......
Metz, E.T. (Eduard)
Eduard.Metz at tno.nl
Fri Aug 3 07:22:07 EDT 2007
this may help:
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a
0080093fca.shtml
you don't actually have multiple pools (although maybe some sort of
'null' pool), but in the acl that is referred in the route-map you could
put a deny statement for traffic from 10.100.x.x/22 to a.b.c.d/nn (your
management stations?) followed by a permit for traffic from
10.100.x.x/22 to any destination.
cheers,
eduard
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of p
> Sent: vrijdag 3 augustus 2007 2:29
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] nat issue......
>
>
> Hi all,
>
> I have a cisco 7200 that's terminating a bunch of DSL customers.
> These customers are on 10.100.x.x/22 space. I'm doing all nat
> on the router, ip nat inside on the atm interfaces and ip nat
> outside on my gateway fast0.
>
> The problem is from the outside the router I can't get to the
> 10.100.x.x space. When I ping the 10.100.x.x ips I get a
> reply from one of the nat pool ips, because the packet coming
> back to me triggers nat as it passed ip nat inside/ip nat
> outside. ( so I think! )
>
> I installed another fast ethernet, lets say 1.1.1.2, without
> a nat outside statement and I added a static host route to my
> workstation, workstation 2.2.2.2/32 to 1.1.1.1 (other side of fast2).
>
> In doing this I was thinking that the packets would be coming
> in on the default interface fast0 and coming out on fast2 (no
> nat statement) but this doesn't seem to be the case. I also
> loose connectivity to fast0, can't ping etc, when I add my
> workstations host route.
>
> Basically I'm trying to manage the DSL nat block without it
> triggering the Nat statements when it comes back to me.
>
> TIA, P.A
>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
This e-mail and its contents are subject to the DISCLAIMER at http://www.tno.nl/disclaimer/email.html
More information about the cisco-nsp
mailing list