NAT Design?

Unanswered Question
May 2nd, 2002

I have a 2600 router and 2 networks: 192.168.1.0 & 172.16.1.0. I want to set up a NAT between them. I have configured the 192.168.1.0 as the outside and the 172.16.1.0 as the inside. I have set up my access list and my pool and my source list. Everything is set up properly, but computers on the 192.168.1.0 network can still ping the 172.16.1.0 network. Is this by design? I think I'm missing something here. In addition to translating IP addresses and port #'s, I thought NAT would allow traffic to proceed through the router from the inside but block all traffic originating from the outside unless a connection from the inside has already established a connection?


I want to block all traffic coming in but still allow my inside network to access the outside network. Any suggestions or comments on what I'm missing?


Thanks

Tony

bbaley Mon, 05/13/2002 - 06:08

Set up an access list using any any established. This will ensure that the only traffic to be pushed through will have to have an entry in the NAT table, which allows you to make sure traffic coming in is only from traffic you originate.

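Added example, not part of the original posts: a Cisco IOS configuration for the setup described in the question, with the `established` access list from the reply applied inbound on the outside interface. Interface names, router addresses, /24 masks, ACL numbers and the pool name and range are assumptions.

```cisco
! Constructed example. Interface names, router addresses, masks,
! ACL numbers and the NAT pool are assumptions, not from the thread.
!
interface FastEthernet0/0
 description inside network 172.16.1.0
 ip address 172.16.1.1 255.255.255.0
 ip nat inside
!
interface FastEthernet0/1
 description outside network 192.168.1.0
 ip address 192.168.1.1 255.255.255.0
 ip nat outside
 ! Filter packets arriving from the outside network. Without this
 ! line the router still routes outside-originated packets to
 ! 172.16.1.0, because NAT translates addresses but does not filter.
 ip access-group 101 in
!
! NAT: source list, pool and inside source translation
access-list 1 permit 172.16.1.0 0.0.0.255
ip nat pool OUTPOOL 192.168.1.200 192.168.1.210 netmask 255.255.255.0
ip nat inside source list 1 pool OUTPOOL overload
!
! Inbound filter for the outside interface.
! "established" matches TCP segments with ACK or RST set, i.e. replies
! to sessions opened from the inside. It is a stateless flag check and
! applies to TCP only.
access-list 101 permit tcp any any established
! Optional: let replies to pings sent from the inside back in.
access-list 101 permit icmp any any echo-reply
! Everything else from the outside is dropped, including echo requests
! and UDP replies. The deny is implicit; it is written out here so that
! matches are logged.
access-list 101 deny ip any any log
```

On a running router, `show access-lists 101` shows per-entry match counters and `show ip nat translations` shows the active translations, which is enough to confirm that outside-originated pings hit the deny entry.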