Hello list,
after all these years, I am still not quite sure I understand Cisco's NAT syntax. I have read the famous "NAT Order of Operation" (CCO doc ID: 6209), and "Configuring Network Address Translation: Getting Started" (CCO doc ID: 13772) documents, and I have two questions.

Let's first look at "inside-to-outside" translation. My understanding is the following:

1. If packet arrives on an interface marked as "inside"
2. AND route for packet destination address is known via an interface marked as "outside"
3. THEN translate source address

So in this case, NAT is triggered by a combination of "arriving on inside" and "departing on outside". My first question is: is my understanding of "inside-to-outside NAT" correct?

Then comes "outside-to-inside" translation. Things get trickier. Cisco says that first comes NAT, then comes routing. This is confusing (and this is my second question): since the router does not know the outgoing interface yet at the time it has to perform NAT, it does not know if the outgoing interface is going to be "inside" or "outside". So how does it know it is supposed to NAT? Or maybe outside-to-inside NAT is applied to ANY packet that enters the router on an "outside" interface, whatever its destination?... So in this case, NAT is triggered based on "arriving on outside" only?

Vincent
