I have a 2600 router and 2 networks: 192.168.1.0 & 172.16.1.0. I want to set up a NAT between them. I have configured the 192.168.1.0 as the outside and the 172.16.1.0 as the inside. I have set up my access list and my pool and my source list. Everything is set up properly, but computers on the 192.168.1.0 network can still ping the 172.16.1.0 network. Is this by design? I think I'm missing something here. In addition to translating IP addresses and port numbers, I thought NAT would allow traffic to proceed through the router from the inside but block all traffic originating from the outside unless a connection from the inside has already been established?
I want to block all traffic coming in but still allow my inside network to access the outside network. Any suggestions or comments on what I'm missing?
Set up an access list using any any established. This will ensure that the only traffic to be pushed through will have to have an entry in the NAT table, which allows you to make sure traffic coming in is only from traffic you originate.