Re: [cisco-ttl] Oncelik

From: Ozgur Guler (gulerozgur_at_yahoo.co.uk)
Date: Thu Dec 23 2004 - 07:28:05 GMT

  • Next message: Indat Pektas: "[cisco-ttl] Router_to_router Callback"

    merhaba,
     
    nat inside inte gelen paket,
    once interface acl -acl 2 den gecer.
    route edilir.
    nat acl i 1 den geçer.
    acl 1 ile match ederse natlanır, etmezse natlanmadan geçer.
     
    nat outside inte gelen paket...
    once interface acl - acl 3 den geçer.
    sonra nat tablosuna bakılır...
    state varsa, geçer route edilir yoksa drop olur...
    yani 1 nolu acl den geçmez.

    ozkan karacayoglu <ozkan_izmir_at_yahoo.com> wrote:
      Burada kafa karistiran Nat in kurulu olmasi:)
      Nat source listte olan ip ler nat ile, digerleri
    normal routing ile mi gider yada diger iplerin
    gecisine izin verilmez mi?
    Ve nat inside interface i altinda router once nat
    access-list ine mi bakar "ip access-group 2 in"
    listine mi?
       

    --- ozkan <ozkan_izmir_at_yahoo.com> wrote:

    >
    > Merhaba,
    > Asagidaki ornek konfigde nat inside ve/veya
    > outside tarafina gelen
    > bir paketin access-listlerden hangi sirayla gececegi
    > veya
    > gecemeyecegi konusunda fikirleriniz nedir?
    >
    > !
    > interface FastEthernet0
    > ip address 192.168.30.40 255.255.255.0
    > ip nat outside
    > ip access-group 3 in
    > half-duplex
    > !
    > interface FastEthernet0
    > ip address 172.30.40.50 255.255.255.0
    > ip nat inside
    > ip access-group 2 in
    > speed auto
    > half-duplex
    > !
    > ip nat pool pool 192.168.30.50 192.168.30.50
    > prefix-length 24
    > ip nat inside source list 1 pool pool overload
    > ip classless
    > !
    > ip route 0.0.0.0 0.0.0.0 192.168.30.201
    > !
    > access-list 1 permit 172.30.40.1
    > access-list 1 permit 172.30.40.2
    > access-list 1 permit 172.30.40.3
    > !
    > access-list 2 permit 172.30.40.1
    > access-list 2 permit 172.30.40.2
    > access-list 2 permit 172.30.40.10
    > !
    > access-list 101 permit 172.30.40.1 0.0.0.255 any
    > !
    > access-list 102 permit 172.10.10.10 0.0.0.255 any
    > !
    > access-list 3 deny 172.30.40.0
    > access-list 3 permit any
    > !
    >
    >
    >
    >
    >

                
    __________________________________
    Do you Yahoo!?
    Yahoo! Mail - Helps protect you from nasty viruses.
    http://promotions.yahoo.com/new_mail

    Bu listenin Cisco Systems ile herhangi bir baglantisi bulunmamaktadir.

    Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.

    Yahoo! Groups Sponsor
    Get unlimited calls to

    U.S./Canada

    ---------------------------------
    Yahoo! Groups Links

       To visit your group on the web, go to:
    http://groups.yahoo.com/group/cisco-ttl/
      
       To unsubscribe from this group, send an email to:
    cisco-ttl-unsubscribe_at_yahoogroups.com
      
       Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.

                    
    ---------------------------------
     ALL-NEW Yahoo! Messenger - all new features - even more fun!

    [Non-text portions of this message have been removed]

    ------------------------ Yahoo! Groups Sponsor --------------------~-->
    $4.98 domain names from Yahoo!. Register anything.
    http://us.click.yahoo.com/Q7_YsB/neXJAA/yQLSAA/26EolB/TM
    --------------------------------------------------------------------~->

    Bu listenin Cisco Systems ile herhangi bir baglantisi bulunmamaktadir.

    Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.
    Yahoo! Groups Links

    <*> To visit your group on the web, go to:
        http://groups.yahoo.com/group/cisco-ttl/

    <*> To unsubscribe from this group, send an email to:
        cisco-ttl-unsubscribe_at_yahoogroups.com

    <*> Your use of Yahoo! Groups is subject to:
        http://docs.yahoo.com/info/terms/
     



    This archive was generated by hypermail 2.1.5 : Thu Dec 23 2004 - 11:28:43 GMT