Re: [cisco-ttl] Oncelik

From: ozkan karacayoglu (ozkan_izmir_at_yahoo.com)
Date: Thu Dec 23 2004 - 12:59:22 GMT

  • Next message: Serhat Uslay: "Re: [cisco-ttl] port mirror"

       ozgur tesekkurler
     

    --- Ozgur Guler <gulerozgur_at_yahoo.co.uk> wrote:

    > merhaba,
    >
    > nat inside inte gelen paket,
    > once interface acl -acl 2 den gecer.
    > route edilir.
    > nat acl i 1 den geçer.
    > acl 1 ile match ederse natlanır, etmezse natlanmadan
    > geçer.
    >
    > nat outside inte gelen paket...
    > once interface acl - acl 3 den geçer.
    > sonra nat tablosuna bakılır...
    > state varsa, geçer route edilir yoksa drop olur...
    > yani 1 nolu acl den geçmez.
    >
    >
    > ozkan karacayoglu <ozkan_izmir_at_yahoo.com> wrote:
    > Burada kafa karistiran Nat in kurulu olmasi:)
    > Nat source listte olan ip ler nat ile, digerleri
    > normal routing ile mi gider yada diger iplerin
    > gecisine izin verilmez mi?
    > Ve nat inside interface i altinda router once nat
    > access-list ine mi bakar "ip access-group 2 in"
    > listine mi?
    >
    >
    >
    >
    > --- ozkan <ozkan_izmir_at_yahoo.com> wrote:
    >
    > >
    > > Merhaba,
    > > Asagidaki ornek konfigde nat inside ve/veya
    > > outside tarafina gelen
    > > bir paketin access-listlerden hangi sirayla
    > gececegi
    > > veya
    > > gecemeyecegi konusunda fikirleriniz nedir?
    > >
    > > !
    > > interface FastEthernet0
    > > ip address 192.168.30.40 255.255.255.0
    > > ip nat outside
    > > ip access-group 3 in
    > > half-duplex
    > > !
    > > interface FastEthernet0
    > > ip address 172.30.40.50 255.255.255.0
    > > ip nat inside
    > > ip access-group 2 in
    > > speed auto
    > > half-duplex
    > > !
    > > ip nat pool pool 192.168.30.50 192.168.30.50
    > > prefix-length 24
    > > ip nat inside source list 1 pool pool overload
    > > ip classless
    > > !
    > > ip route 0.0.0.0 0.0.0.0 192.168.30.201
    > > !
    > > access-list 1 permit 172.30.40.1
    > > access-list 1 permit 172.30.40.2
    > > access-list 1 permit 172.30.40.3
    > > !
    > > access-list 2 permit 172.30.40.1
    > > access-list 2 permit 172.30.40.2
    > > access-list 2 permit 172.30.40.10
    > > !
    > > access-list 101 permit 172.30.40.1 0.0.0.255 any
    > > !
    > > access-list 102 permit 172.10.10.10 0.0.0.255 any
    > > !
    > > access-list 3 deny 172.30.40.0
    > > access-list 3 permit any
    > > !
    > >
    > >
    > >
    > >
    > >
    >
    >
    >
    >
    > __________________________________
    > Do you Yahoo!?
    > Yahoo! Mail - Helps protect you from nasty viruses.
    > http://promotions.yahoo.com/new_mail
    >
    >
    > Bu listenin Cisco Systems ile herhangi bir
    > baglantisi bulunmamaktadir.
    >
    > Listeden cikmak için
    > cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir
    > e-posta gönderebilirsiniz.
    >
    >
    > Yahoo! Groups Sponsor
    > Get unlimited calls to
    >
    > U.S./Canada
    >
    >
    > ---------------------------------
    > Yahoo! Groups Links
    >
    > To visit your group on the web, go to:
    > http://groups.yahoo.com/group/cisco-ttl/
    >
    > To unsubscribe from this group, send an email to:
    > cisco-ttl-unsubscribe_at_yahoogroups.com
    >
    > Your use of Yahoo! Groups is subject to the
    > Yahoo! Terms of Service.
    >
    >
    >
    > ---------------------------------
    > ALL-NEW Yahoo! Messenger - all new features - even
    > more fun!
    >
    > [Non-text portions of this message have been
    > removed]
    >
    >

                    
    __________________________________
    Do you Yahoo!?
    The all-new My Yahoo! - Get yours free!
    http://my.yahoo.com
     

    ------------------------ Yahoo! Groups Sponsor --------------------~-->
    Make a clean sweep of pop-up ads. Yahoo! Companion Toolbar.
    Now with Pop-Up Blocker. Get it for free!
    http://us.click.yahoo.com/L5YrjA/eSIIAA/yQLSAA/26EolB/TM
    --------------------------------------------------------------------~->

    Bu listenin Cisco Systems ile herhangi bir baglantisi bulunmamaktadir.

    Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.
    Yahoo! Groups Links

    <*> To visit your group on the web, go to:
        http://groups.yahoo.com/group/cisco-ttl/

    <*> To unsubscribe from this group, send an email to:
        cisco-ttl-unsubscribe_at_yahoogroups.com

    <*> Your use of Yahoo! Groups is subject to:
        http://docs.yahoo.com/info/terms/
     



    This archive was generated by hypermail 2.1.5 : Thu Dec 23 2004 - 16:59:56 GMT