I have a 2600 router and 2 networks: 192.168.1.0 & 172.16.1.0. I want to set up a NAT between them. I have configured the 192.168.1.0 as the outside and the 172.16.1.0 as the inside. I have set up my access list and my pool and my source list. Everything is set up properly, but computers on the 192.168.1.0 network can still ping the 172.16.1.0 network. Is this by design? I think I'm missing something here. In addition to translating IP addresses and port #s, I thought NAT would allow traffic to proceed through the router from the inside but block all traffic originating from the outside unless a connection from the inside has already established a connection?
I want to block all traffic coming in but still allow my inside network to access the outside network. Any suggestions or comments on what I'm missing?