Re: NAT question; Bootcamp lab 12 posted 01/25/2001
Hidden commands? The commands below aren't hidden, they're well documented
and can be seen in the IOS parser.
Technically it isn't NAT, it's PAT, which is Port Address
Translation. It's typically used if you don't have any global address
space to use other than what's on your outbound interface(s). It will
allow you to use up to 64,000 translations (4,000 in older versions of
code) for the ip address on the outbound interface.
The access-list refers to the traffic that will be allowed to be
translated and, yes, you could use the same access-list for both. The
reason for that is we route first then perform PAT (or NAT). Be sure
to exclude your outbound interface from the access-list so it doesn't mess
up your routing protocol (i.e. translated hello packets going to the
neighbor). Technically, it shouldn't since it's on an outbound interface
but it will if you do a "permit any" in your access-list (some people
think it's a misconfiguration to do so, but I personally think we
should file a sys-wish bug so it doesn't do it).
Hope that helps,
On Wed, 24 Jan 2001, Harbir Kohli wrote:
> Does anyone know Cisco has hidden NAT in the 12.1 manuals?
> I am trying to understand what this command does:
> ip nat inside source list 1 int s0 overload
> ip nat inside source list 2 int s1 overload
> What is the address that this list will use to translate private
> addresses to? Is it picking a random number?
> And why do you use a separate list for each interface? Could you use the
> same access list for 2 interfaces s0 and s1?
> To unsubscribe from the CCIELAB list, send a message to
> majordomo@xxxxxxxxxxxxxx with the body containing:
> unsubscribe ccielab
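
The access-list advice in the reply above, written out as an added example that is not part of the original thread. All addresses and the Ethernet0 inside interface are constructed assumptions; the two `ip nat inside source` statements are the ones from the question with the interface names spelled out.

```ios
! Constructed addressing (assumptions, not from the thread):
!   inside LAN 10.1.1.0/24 on Ethernet0
!   Serial0 = 192.0.2.1, Serial1 = 198.51.100.1
interface Ethernet0
 ip address 10.1.1.1 255.255.255.0
 ip nat inside
!
interface Serial0
 ip address 192.0.2.1 255.255.255.252
 ip nat outside
!
interface Serial1
 ip address 198.51.100.1 255.255.255.252
 ip nat outside
!
! Weak form the reply warns about: "permit any" matches every source,
! including the router's own outbound interface addresses.
!   access-list 1 permit any
!   access-list 2 permit any
!
! Tighter form: keep each outbound interface address out of its list and
! permit only the inside hosts that should be translated.
access-list 1 deny   192.0.2.1 0.0.0.0
access-list 1 permit 10.1.1.0 0.0.0.255
access-list 2 deny   198.51.100.1 0.0.0.0
access-list 2 permit 10.1.1.0 0.0.0.255
!
! PAT: sources matching the list are translated to the IP address of the
! named outbound interface, distinguished by port.
ip nat inside source list 1 interface Serial0 overload
ip nat inside source list 2 interface Serial1 overload
```

`show ip nat translations` lists the resulting entries, so you can confirm that only inside hosts appear as translated sources.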