NAT Qns

leowchongwei · ‎12-11-2003

I was doing a simulator and the qns as follows :

10.100.5.0/24 (Email Server : 10.100.5.5)

|

E0 (10.100.5.1/24)

Router A

S0 (192.168.15.1/24)

|

External Network

1) All clients are to NAT using the S0 IP to the external network

2) Clients in the external network will use another IP 192.168.15.5 to access the internal email server

So, i set the following :

S0 - ip nat outside

E0 - ip nat inside

For Part 1)

access-list 5 permit 10.100.5.0 0.0.0.255

ip nat inside source list 5 interface S0 overload

For Part 2)

the command "ip nat outside... " do not work for the simulator, it has a nice prompt saying the command is not supported. what command can i use instead to translate from outside to inside?

Thanks

kkalaycioglu · ‎12-13-2003

1. "ip nat inside" command translates inside local addresses to inside global addresses and "ip nat outside" command translates between outside local and global addresses. In your simulation you name e0 as inside and S0 as outside and according to this convention you translate inside local to inside global. If you change the convention: e0 outside an s0 inside and apply "ip nat inside" with proper config. you can create the same effeft with "ip nat outside" as e0 inside, s0 outside.

For your second question:

You can use TCP overloading for hosts inside to initiate NAT translations to outside but if you want hosts outside to reach your server with a fixed address you need another static NAT entry and this can be "ip nat inside" format.

Regards.

leowchongwei · ‎12-13-2003

so does that mean the command :

ip nat inside static 10.100.5.5 192.168.15.5

allows hosts outside to reach my email server inside (10.100.5.5) just by specifying the outside ip 192.168.15.5 ???

kkalaycioglu · ‎12-14-2003

"ip nat inside source static 10.100.5.5 192.168.15.5 " will work. You can take a look at some similar config at:

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094e77.shtml

Good luck.