[127286] in North American Network Operators' Group
RE:
daemon@ATHENA.MIT.EDU (Greg Whynott)
Sat Jun 19 12:03:16 2010
From: Greg Whynott <Greg.Whynott@oicr.on.ca>
To: Mike Ruiz <mruiz@lstfinancial.com>, "nanog@nanog.org" <nanog@nanog.org>
Date: Sat, 19 Jun 2010 12:02:48 -0400
In-Reply-To: <16E58A1FE7C64A46BAD0FE1558C43D92FE1337@es1.ic-sa.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
depending on your vendor equipment you'll need an ACL or a route map to def=
ine the traffic you wish to Nat and apply it to the 'nat engine'.=20
if you are doing this on cisco ASA or similar it might look something like =
this:
-define the interesting traffic with an ACL:
access-list 110 permit ip 192.168.1.0 0.0.0.255 10.0.1.0 0.0.0.31
access-list 110 deny ip any any
- create a route-map:
route-map natme permit 10
match ip address 110
- apply the map:
ip nat inside source route-map natme interface GigabitEthernet0/1 overload
hope that helps.
-g
________________________________________
From: Mike Ruiz [mruiz@lstfinancial.com]
Sent: Friday, June 18, 2010 4:13 PM
To: nanog@nanog.org
Subject: <NAT translation from a sourced network to a destination network>
Ok here we go. I know the subject is a little ambiguous, please allow to e=
xplain.
I have a network of 192.168.1.0/24 and I need it to reach a network 10.0.1.=
0/27 only when it needs to be accessed by specific machines that reside on =
the 192.168.1.0/24 network.
192.168.1.10 =E0 NAT =E010.0.1.10 =E0 route that packet to 10.0.1.1.
I only want specific host to route to that specific /27 network .
Any help would be appreciated. So far what I have gathered is only for VPN =
connections but I do not want to build a VPN. Thank you again in advance.
Michael Ruiz
Network Engineer
"If you tell people where to go, but not how to get there, you'll be amazed=
at the results." -- General George S. Patton Jr.
