cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
658
Views
0
Helpful
4
Replies

NAT OverLoad - Security concern

ronald.ramzy
Level 1
Level 1

Hi,

Is this a secure NAT Overload configuration, what I mean "Nobody from Public Network can access private NATTED Box"

interface fa0/0

ip nat inside

interface s0/0

ip nat outside

access-list 100 permit ip 192.168.1.100 255.255.255.255 any

ip nat inside source list 100 interface serial 0/0 overload

4 Replies 4

paolo bevilacqua
Hall of Fame
Hall of Fame

Correct, nobody from outside can access inside, all connections must be initiated from inside.

You can also use a standard ACL to the same effect.

pciaccio
Level 4
Level 4

If the 192.168.1.100 is in the INSIDE then this is good....

Thanks

192.168.1.100 is ISA Server IP, will there be any performance impact using NAT OverLoad.

********

Is the following configuration Secured ( Anyone from outside cannot initiate connection )

********Configuration ******************

****************************************

ip subnet-zero

ip domain lookup source-interface FastEthernet0/0

ip name-server 4.4.4.4

interface FastEthernet0/0

description Connected to ISP

ip address 10.10.10.66 255.255.255.224

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet0/1

description Connection to LAN-Switch

ip address 192.168.1.100 255.255.255.0

ip accounting output-packets

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

!

ip classless

ip route 0.0.0.0 0.0.0.0 10.10.10.65

ip route 172.20.16.0 255.255.255.0 192.168.1.1

no ip http server

no ip http secure-server

ip nat inside source static 192.168.1.101 10.10.10.68

ISA Server : 192.168.1.101

Public IP : 10.10.10.68

You have been told already that is ok.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco