12-09-2002 09:10 PM - edited 03-09-2019 01:20 AM
Hi,
I have an issue with the using the NAT which I would like to clarify and here's the scenario.
10.10.10.0 access via int vlan 2
192.168.100.0 - 192.168.110.0 access via int vlan 3
Configuration on the RSM.
interface vlan 1
ip address 192.168.1.1 255.255.255.0
interface vlan 2
ip address 192.168.2.1 255.255.255.0
ip nat outside
interface vlan 3
ip address 192.168.3.1 255.255.255.0
ip nat inside
access-list 150 permit ip 192.168.100.0 0.0.0.255 10.10.10.0 0.0.0.255
ip nat pool test 10.10.100.50 10.10.100.254 netmask 255.255.255.0
ip nat inside source list 150 pool test
Question.
I only wanted devices in the 192.168.100.0 range translated to the IP address in the test pool when accessing devices in 10.10.10.0 network. Will devices in the 192.168.101.0 to 192.168.110.0 networks (without translation) able to access devices in the 10.10.10.0 network or vice versa with the above setup?
TIA.
PF
12-10-2002 05:49 PM
Sure, you haven't specifically denied them access, you've just said, don't NAT them on their way through. You'd need to apply an access-list on the interface that specifically denies the traffic from those other subnets.
12-10-2002 06:01 PM
Gfullage,
Thanks very much for your reply. I can apply this knowledge to my network now...
Thanks.
PF
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide