Please guys, there must be someone who knows this. I don't need actual config lines, the plain theoretical explanation will do. :) Maybe many of you who will read this will say "why don't you try this and see for yourself" - well the problem is I don't have the third interface YET and I gotta find the solution before it comes into my hands...
I have one inside interface and one outside interface. OK, standard procedure, IP protocol. Now, let's imagine two possibilities.
1) We add a third interface and enable NAT inside. So, we have two insides and one outside. Now, what will happen when I try to send a packet from the third interface (nat inside) to the first interface (nat inside too) and on to the internal network? Is the router clever enough to let the packet go through without translation? And what will happen with the returning packet when it comes back to the router i.e. will the router be confused and try to translate the source address?
2) We add a third interface without any NAT implementation. Is it possible to send the packet from this interface to the internal network (i.e. through the nat inside interface)? Again, what will happen with the packet on the way back? Will the router try to translate it and then toss it away because it isn't on the ACL list for translation?
Thanks, you are most kind to post one more message. But, I know about basic NAT procedures and this is not the situation where it can be useful. I was talking about three interfaces and routing between them.
NAT only occurs when traffic goes between an inside interface and an outside interface. So, in your first example of traffic going from one inside interface to another, there is no NAT. Likewise, in your second example, there is no address translation when going from an inside interface to a non-NATed interface.
Great Mark, that's the kind of an aswer I needed. Does this mean I can have separate ACLs for NAT and for other traffic? And the router will see whether the packet needs translation or not and use the proper ACL?
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...