If I have a network say Network A and Network B and if A is the inside then B is the outside Network. Given this partial Running Config, what is the reverse IP NAT statement from the Outside Network returning to the Inside network so those inside Network A requesting YouTube Videos can actually see them from Network B?
Also, would you be able to explain how I would allow any IP from the AP-Pool to receive the reply from the External Network since I overloaded the IP NAT Inside Source ? If there a way to write the reply ?
no ip dhcp conflict logging
ip dhcp excluded-address 192.168.99.254
ip dhcp excluded-address 192.168.99.1
ip dhcp pool AP-Pool
network 192.168.99.0 255.255.255.0
description Outside Interface for Internet access | Gateway is 126.96.36.199/29
ip address 188.8.131.52 255.255.255.248
ip nat outside
ip virtual-reassembly in
ip address 192.168.99.254 255.255.255.0
ip dns view-group internallist
ip nat inside
ip virtual-reassembly in
ip dns view external
domain name-server 184.108.40.206
ip dns view internal
domain name-server 220.127.116.11
domain name-server 18.104.22.168
ip dns view-list internallist
view internal 1
ip dns server view-group internallist
ip dns server
ip nat inside source list 101 interface GigabitEthernet0/0 overload
access-list 101 permit ip 192.168.99.0 0.0.0.255 any
You don't need a separate statement for return traffic. It's a package deal.
When your pc at 192.168.99.20 sends a request out to YouTube or capital one.com, it picks a source port, say port 51905.
So the packet hits your router with destination (YouTube up address) :80 source 192.168.99.20:51905
Your router creates a return entry with the source and destination reversed. And when it performs the NAT, it maps that 51905 port as the source. So when the return traffic comes back, your router looks knows that destination port belongs to 192.168.99.20 and forwards it back to your pc.
Outside local is a different animal, probably not something you'll use very often. Imagine there's a web server on some external network at up 22.214.171.124. For whatever reason, you need it to appear local, so you want it to look like it's at 192.168.1.9. You want your inside local pc's to be able to type http://192.168.1.9 in a browser window and the router takes the traffic and NAT/PATs it to the 126.96.36.199 server.
So having said that, what would the actual statement be?
Ip nat source outside 188.8.131.52 interface vlan 99 extended
would this be the answer based on your example?