Hello, I have a router configured as so:
net--inside--e0-[R]-e1--outside-->net
I am translating inside addresses on e0's network to the address configured for e1.
What I would like to do is block packets originating from or destined to the router itself (not forwarded packets). Unfortunately, I am using overloaded PAT, so blocking packets from or to e1's IP also blocks the NATed IPs.
Does anyone have a good suggestion for ways around this? Could I maybe apply a secondary IP to the e1 interface and force the router to use that for all locally created and destined packets?
I guess I could also set up dynamic NAT and use a pool, and filter out connections to the IP that is for the router itself.
Any suggestions please...