Use the add-route option on the end of the outside NAT statement. Regards, Tyson Scott - CCIE #13513 R&S, Security, and SP Managing Partner / Sr. Instructor - IPexpert, Inc. Mailto: [email protected] Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: www.ipexpert.com/chat eFax: +1.810.454.0130
IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Antonio Soares Sent: Monday, November 22, 2010 1:49 PM To: [email protected] Subject: [OSL | CCIE_Security] Double NAT Hello group, I'm not getting the reason why this Basic Double NAT scenario doesn't work: R1===R2===R3 R1: ! interface FastEthernet0/0 ip address 20.20.20.1 255.255.255.0 ! R2: ! interface FastEthernet0/0 ip address 20.20.20.2 255.255.255.0 ip nat outside ip virtual-reassembly ! interface FastEthernet0/1 ip address 10.10.10.2 255.255.255.0 ip nat inside ip virtual-reassembly ! ip nat inside source static 10.10.10.3 20.20.20.3 ip nat outside source static 20.20.20.1 10.10.10.1 ! R3: ! interface FastEthernet0/1 ip address 10.10.10.3 255.255.255.0 ! Traffic from R1 to R3 arrives to R3 and R3 sends back the traffic to R1 but for some reason R2 blocks this return traffic. Routers running 12.4.24T. Thanks. Regards, Antonio Soares, CCIE #18473 (R&S/SP) [email protected] _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
