From: Brian Hescock (bhescock@xxxxxxxxx)
Date: Wed Jan 24 2001 - 18:40:52 GMT-3
Outbound packets--- routing done first, then nat
Inbound packets--- nat first, then route
On Wed, 24 Jan 2001, Maljure, Sanjay wrote:
> Hi everyone
> Please help me with a couple of questions.....
>
> 1. When does the routing decision occur? before or after NAT????
> 2. How about for inside source address NATing? before or after?
> 3. How about for outside source address NATing? before or after?
>
> Can't get to my test lab right now. So any help would be appreciated.
> Also forgive the atrocious english. How does one apply for a poetic
> license?
> Thanks for your time
>
> Sanjay
>
>
> -----Original Message-----
> From: Brian Hescock [mailto:bhescock@cisco.com]
> Sent: Wednesday, January 24, 2001 3:25 PM
> To: Maljure, Sanjay
> Cc: ccielab@groupstudy.com
> Subject: RE: Destination NAT....
>
>
> Sanjay,
> I'm in the middle of a class right now but check a couple of the docs
> and you should find what you need. I've used the docs to set it up for
> an
> internal lab I developed and it worked, although overlapping ip
> addresses
> with nat is rather confusing. If I remember correctly there's one key
> stumbling block that you can run into with the static route you need to
> add (I believe it was a matter of what you point it to, it's not what
> you
> think).
>
> Let me know if you don't get it working and I can check after class, I
> can
> send you that portion of the lab, which includes the working config.
>
> B.
>
> On Wed, 24 Jan 2001, Maljure, Sanjay wrote:
>
> > Hi Brian
> > I did look at the documents describing the "overlapping with NAT " I
> > think what I am trying to do is exactly the same as the 'overlapping'
> > case except for the DNS part. And not having DNS should not really
> > matter.
> > None of the documents that I looked at gave a sample script for doing
> > this using static IP addresses. One document that I looked in to used
> > 'inside source list..' and 'outside source list...' to do it as they
> > were translating entire subnets.
> > So I am thinking 'inside source static' and 'outside source static'
> will
> > do the trick for me.
> > What do you think?
> > Thanks
> >
> > Sanjay Maljure
> > CCIE# 6286
> > Enterprise Systems Consultant
> > Ciber, Inc.
> >
> > Tel - 732.225.1700
> > Fax - 732.225.1973
> >
> >
> > -----Original Message-----
> > From: Brian Hescock [mailto:bhescock@cisco.com]
> > Sent: Wednesday, January 24, 2001 2:51 PM
> > To: Maljure, Sanjay
> > Cc: ccielab@groupstudy.com
> > Subject: Re: Destination NAT....
> >
> >
> > Sounds like you want to do NAT with overlapping ip addresses. Do a
> > search
> > on CCO on "NAT and overlapping"
> >
> > Brian
> >
> > On Wed, 24 Jan 2001, Maljure, Sanjay wrote:
> >
> > >
> > > Hi
> > > I thought I knew this stuff but I am beginning to see these funny
> > gnomes
> > > flying around....so please help
> > > What I need to do:
> > >
> > > I have an IP packet
> > > SIP=10.190.9.20
> > > DIP=10.190.29.111
> > >
> > > I need to NAT this so that
> > >
> > > SIP=172.30.43.111
> > > DIP=172.31.21.112
> > >
> > > And all these IP addresses are fixed which means I got to do static
> > NAT
> > >
> > > I am using a 2500 with "full NAT" feature set
> > >
> > > NATing the source IP addresses can be done with "ip nat inside
> source
> > > static....."
> > > How do I take care of the destination IP address NATing? ("ip nat
> > > outside source static...." will work????)
> > >
> > > Thanks for your time
> > > Sanjay
> > >
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:27:42 GMT-3