183
VPN instance/VLAN ID/Inline ID: vpn1/-/-
Protocol: ICMP(1)
Inbound interface: GigabitEthernet2/0/1
Responder:
Source IP/port: 192.168.1.2/42496
Destination IP/port: 172.16.1.2/0
DS-Lite tunnel peer: -
VPN instance/VLAN ID/Inline ID: vpn2/-/-
Protocol: ICMP(1)
Inbound interface: GigabitEthernet2/0/2
State: ICMP_REPLY
Application: INVALID
Start time: 2012-08-16 09:30:49 TTL: 27s
Initiator->Responder: 5 packets 420 bytes
Responder->Initiator: 5 packets 420 bytes
Total sessions found: 1
NAT with DNS mapping configuration example
Network requirements
As shown in Figure 73, the internal Web server at 10.110.10.1/16 and FTP server at 10.110.10.2/16
provide services for external user. The company has three public addresses 202.38.1.1 through
202.38.1.3. The DNS server at 202.38.1.4 is on the external network.
Configure NAT so that:
• The public IP address 202.38.1.2 is used by external users to access the Web and FTP servers.
• External users can use the public address or domain name of internal servers to access them.
• Internal users can access the internal servers by using their domain names.
Figure 73 Network diagram
Requirements analysis
To meet the network requirements, perform the following tasks:
• Configure NAT Server by mapping the public IP addresses and port numbers of the internal
servers to a public address and port numbers so that external users can access the internal
servers.
• Configure NAT with DNS mapping and ALG so that the public IP address of the internal server
in the payload of the DNS response packet can be translated to the private IP address.
To Next Page
Loading...
Need help?
General
