Tuesday, June 13, 2006
NAT Inside and Outside Swapped. (Problem #71)
Consider the above network with R2 doing NAT with the inside and outside parts of the network as labelled above. A ping from R1 (source address 10.1.1.1) to R3 (destination address 192.168.1.2) succeeds and goes through a source address NAT translation at R2.
The configuration on the routers is shown below -
ip address 10.1.1.1 255.255.255.0
ip route 0.0.0.0 0.0.0.0 10.1.1.2
ip address 10.1.1.2 255.255.255.0
ip nat inside
ip address 192.168.1.1 255.255.255.0
ip nat outside
ip nat pool NATPOOL 172.16.1.1 172.16.1.254 prefix-length 24
ip nat inside source list 101 pool NATPOOL
access-list 101 permit ip 10.1.1.0 0.0.0.255 any
ip address 192.168.1.2 255.255.255.0
ip route 0.0.0.0 0.0.0.0 192.168.1.1
Now consider the network diagram changed as shown below. Note that the inside and outside portions of the network have been swapped.
You task in this problem is to modify the configuration on R2 alone to reflect the modified assignment of the inside and outside of the network and get the same ping done earlier, i.e. from R1 (source address 10.1.1.1) to R3 (destination address 192.168.1.2) to work with R2 doing the source address NAT translation as before.