The rest of the world has to have a route to your pool of addresses (222.2.2.1-254 in your example). The pool is assigned by your local ISP. They should have a route to it. With PAT you could use the WAN interface address for all translations.
> -----Original Message----- > From: James Gosnold [mailto:[EMAIL PROTECTED] > Sent: Friday, March 21, 2003 8:55 AM > To: [EMAIL PROTECTED] > Subject: Confused over NAT [7:65926] > > > Dear all, > > Just having a slight problem getting my head around NAT regarding the > example configurations in the study guides I have. > > access-list 1 permit 10.0.0.1 0.0.0.255 (defines list of addresses) > > ip nat pool mynatpool 222.2.2.1 222.2.2.254 netmask > 255.255.255.0 (defines > pool of inside global addresses NAT can replace the SA with) > ip nat inside source list 1 pool mynatpool (applies the > addresses laid out > in the access-list as inside addresses and tells router to > replace SA from > mynatpool) > > int eth0 > ip address 10.0.0.1 255.255.255.0 > ip nat inside (tells NAT that this is where inside addresses > come from) > > int ser0 > ip address 133.4.4.1 255.255.255.0 > ip nat outside > > So here is my confusion: > > If the Ser0 interface is the WAN address (133.4.4.1) and it > replaces the > inside local address with a SA from mynatpool (222.2.2.1 - > 222.2.2.254) then > how will the packet get back to the WAN interface? I thought > that NAT would > replace the inside local address with the address of the WAN > interface, not > a group of different public ip addresses? How will the packet > get back if > the SA is from the range 222.2.2.1 - 254 and yet the IP > address of the WAN > interface is clearly not from this range? > > Confused from London.... > > Regards, James. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=65936&t=65926 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
