Cisco 837 - how to set up Inside to Inside NAT for DNS resolution?

Hi,

Can anybody help? I need to setup "inside to inside NAT" as described here:

formatting link
I'm running 12.4 on a Cisco 837, and I know this feature is supported on my image. But I can't work out how to actually implement it! The quoted page gives an example but is looks like it's for VPN. I want it to work such that inside the LAN I can access a hosted website (hosted inside the LAN) via its external DNS name (www.....).

This should get round the need for local HOSTS entries. The important quote from the page for me is this:

"The purpose of this feature is to provide customers of the Cisco 830 and SOHO 90 routers, with the ability to allow the use of a single DNS name / DNS server external to the LAN to provide name resolution for internal servers to internal clients even if NAT is applied and the NAT global address is the known address from a DNS perspective. "

I'm using my ISP's DNS.

Can anyone suggest what changes I need to make to my config (below)?

Many thanks!

Jim

==============================

! ! Last configuration change at 15:08:32 UTC Tue May 23 2006 ! NVRAM config last updated at 14:44:33 UTC Tue May 23 2006 ! version 12.4 no service pad service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname router ! boot-start-marker boot-end-marker ! memory-size iomem 5 enable secret 5 XXXXX ! aaa new-model ! ! aaa authentication ppp default local aaa authorization network default if-authenticated ! aaa session-id common ! resource policy ! ! ! no ip dhcp use vrf connected ip dhcp binding cleanup interval 10 ip dhcp excluded-address 192.168.1.1 192.168.1.10 ip dhcp excluded-address 192.168.1.101 192.168.1.254 ! ip dhcp pool JIMDESKTOP host 192.168.1.101 255.255.255.0 client-identifier 0100.e018.fe31.ff default-router 192.168.1.1 dns-server 212.104.130.9 212.104.130.65 lease 0 12 ! ip dhcp pool CLIENT import all network 192.168.1.0 255.255.255.0 default-router 192.168.1.1 dns-server 212.104.130.9 212.104.130.65 lease 0 12 ! ! ip cef ip domain name home.lan ip ssh version 2 login block-for 120 attempts 3 within 120 login delay 3 login on-failure log login on-success log vpdn enable ! vpdn-group 1 ! Default PPTP VPDN group accept-dialin protocol pptp virtual-template 1 ! ! ! ! username jim password 7 XXXXX ! ! ! ! ! interface Ethernet0 ip address 192.168.1.1 255.255.255.0 ip nat inside ip virtual-reassembly ip tcp adjust-mss 1452 hold-queue 100 out ! interface Ethernet2 no ip address hold-queue 100 out ! interface ATM0 description ADSL Broadband Interface no ip address atm vc-per-vp 64 no atm ilmi-keepalive dsl operating-mode auto pvc 0 0/38 encapsulation aal5mux ppp dialer dialer pool-member 1 ! ! interface FastEthernet1 duplex auto speed auto ! interface FastEthernet2 duplex auto speed auto ! interface FastEthernet3 duplex auto speed auto ! interface FastEthernet4 duplex auto speed auto ! interface Virtual-Template1 ip unnumbered Ethernet0 ip mroute-cache peer default ip address pool VPN-CLIENT ppp encrypt mppe auto required ppp authentication ms-chap ms-chap-v2 ! interface Dialer1 ip address 82.152.XXX.XX 255.255.255.XXX ip mtu 1492 ip nat outside ip virtual-reassembly encapsulation ppp ip tcp adjust-mss 1452 dialer pool 1 dialer-group 1 ppp authentication chap pap callin ppp chap hostname snipped-for-privacy@XXXXX.XXXXX.co.uk ppp chap password 7 XXXXX ppp pap sent-username snipped-for-privacy@XXXXX.XXXXX.co.uk password 7 XXXXX ppp ipcp dns request ppp ipcp wins request ! ip local pool VPN-CLIENT 192.168.1.251 192.168.1.254 ip route 0.0.0.0 0.0.0.0 Dialer1 ! no ip http server no ip http secure-server ! ip nat inside source list 102 interface Dialer1 overload ip nat inside source static tcp 192.168.1.150 25 interface Dialer1 25 ip nat inside source static tcp 192.168.1.150 110 interface Dialer1

110 ip nat inside source static tcp 192.168.1.150 21 interface Dialer1 21 ip nat inside source static tcp 192.168.1.150 80 interface Dialer1 80 ip nat inside source static tcp 192.168.1.150 443 interface Dialer1 443 ! ! ip access-list standard SNMP-ALLOWED permit 192.168.1.101 permit 192.168.1.150 deny any ip access-list standard SSH-ALLOWED permit 82.XXX.XXX.XXX permit 192.168.1.0 0.0.0.255 deny any ! logging trap debugging logging 192.168.1.150 access-list 102 permit ip 192.168.1.0 0.0.0.255 any dialer-list 1 protocol ip permit snmp-server community public RW SNMP-ALLOWED ! ! control-plane ! ! line con 0 exec-timeout 120 0 no modem enable stopbits 1 line aux 0 line vty 0 4 access-class SSH-ALLOWED in exec-timeout 120 0 password 7 XXXXX length 0 transport input ssh ! scheduler max-task-time 5000 sntp server 212.104.129.221 end
Reply to
Jim Willsher
Loading thread data ...

notice that in the Cisco configlet they use the command "ip nat enable" on the interfaces ...

Reply to
Merv

Hi Merv,

Yeah, saw that. But it didn't seem to make any difference.

if I have

ip nat enable by itself, I lose the ability to browse from internal clients. If I have

ip nat enable ip nat inside

I can browse, but browsing via external DNS still won't work.

Confused!

Jim

Reply to
Jim Willsher

formatting link

The URL you give is bogus on what you are trying to do. If I recall correctly, what you are looking for is the 'extendable' word at the end of the outbound NAT statement. Have the word appended to the NAT for the webserver, then your inside hosts will get DNS doctored.

HTH Martin Bilgrav

Reply to
Martin Bilgrav

formatting link
>

Hi Martin, many thanks for taking the time to post.

I tried what you suggested (I think!) but it didn't seem to make much difference. I added the following command to my existing config:

ip nat inside source static tcp 192.168.1.150 80 82.152.114.61 80 extendable

Everything else seemed to work as before, I could browse the internally-hosted webserver via domain-name from the internet. But I still can't browse it by domain name from inside the LAN.

Sorry if I've misunderstood your suggestion, I'm very new to Cisco. I didn't really understand your "outbound NAT" bit, but I assumed (probably wrongly) that it was the port-80 NAT.

Any ideas?

Many thanks,

Jim

Reply to
Jim Willsher

did you 'clear ip nat translation *' ? How does your cfg looks like now ?

This is just what the line should do. hmm Are the 82.152.114.61 the IP that the webserver has in the DNS A-record ? And it is hosted on the internal IP .150 ?

Reply to
Martin Bilgrav

Hi Martin,

No, I hadn't run the clear, but I have now and it still hasn't worked :-(

That's correct. The public DNS entries for the domain point to

82.152.114.61:

formatting link
The internal IP is 192.168.1.150

I've copied the entire config below. When I use this config, I cannot browse

formatting link
from inside the LAN unless I manually add

192.168.1.150
formatting link

to my hosts file, which I'm trying to avoid. Without this I get a

1-second pause followed by a "page not found" (IE6).

I hope you can spot where I'm going wrong....

Many thanks!

Jim

=================================================

New config

! ! Last configuration change at 11:11:11 UTC Fri May 26 2006 by XXX ! NVRAM config last updated at 11:10:31 UTC Fri May 26 2006 by XXX ! version 12.4 no service pad service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname router ! boot-start-marker boot-end-marker ! memory-size iomem 5 enable secret 5 XXXXX ! aaa new-model ! ! aaa authentication ppp default local aaa authorization network default if-authenticated ! aaa session-id common ! resource policy ! ! ! no ip dhcp use vrf connected ip dhcp binding cleanup interval 10 ip dhcp excluded-address 192.168.1.1 192.168.1.10 ip dhcp excluded-address 192.168.1.101 192.168.1.254 ! ip dhcp pool JIMDESKTOP host 192.168.1.101 255.255.255.0 client-identifier 0100.dddd.dddd.ff default-router 192.168.1.1 dns-server XXX.XXX XXX.XXX lease 0 12 ! ip dhcp pool CLIENT import all network 192.168.1.0 255.255.255.0 default-router 192.168.1.1 dns-server XXX.XXX XXX.XXX lease 0 12 ! ! ip cef no ip domain lookup ip domain name home.lan ip ssh version 2 login block-for 120 attempts 3 within 120 login delay 3 login on-failure log login on-success log vpdn enable ! vpdn-group 1 ! Default PPTP VPDN group accept-dialin protocol pptp virtual-template 1 ! ! ! ! username XXX password 7 XXXXX ! ! ! ! ! interface Ethernet0 ip address 192.168.1.1 255.255.255.0 ip nat inside ip virtual-reassembly ip tcp adjust-mss 1452 hold-queue 100 out ! interface Ethernet2 no ip address hold-queue 100 out ! interface ATM0 description ADSL Broadband Interface no ip address atm vc-per-vp 64 no atm ilmi-keepalive dsl operating-mode auto pvc 0 0/38 encapsulation aal5mux ppp dialer dialer pool-member 1 ! ! interface FastEthernet1 duplex auto speed auto ! interface FastEthernet2 duplex auto speed auto ! interface FastEthernet3 duplex auto speed auto ! interface FastEthernet4 duplex auto speed auto ! interface Virtual-Template1 ip unnumbered Ethernet0 ip mroute-cache peer default ip address pool VPN-CLIENT ppp encrypt mppe auto required ppp authentication ms-chap ms-chap-v2 ! interface Dialer1 ip address 82.152.114.61 255.255.255.252 ip mtu 1492 ip nat outside ip virtual-reassembly encapsulation ppp ip tcp adjust-mss 1452 dialer pool 1 dialer-group 1 ppp authentication chap pap callin ppp chap hostname snipped-for-privacy@XXXXX.co.uk ppp chap password 7 XXXXX ppp pap sent-username snipped-for-privacy@XXXXX.co.uk password 7 XXXXX ppp ipcp dns request ppp ipcp wins request ! ip local pool VPN-CLIENT 192.168.1.251 192.168.1.254 ip route 0.0.0.0 0.0.0.0 Dialer1 ! no ip http server no ip http secure-server ! ip nat inside source list 102 interface Dialer1 overload ip nat inside source static tcp 192.168.1.150 443 interface Dialer1

443 ip nat inside source static tcp 192.168.1.150 80 interface Dialer1 80 ip nat inside source static tcp 192.168.1.150 21 interface Dialer1 21 ip nat inside source static tcp 192.168.1.150 110 interface Dialer1 110 ip nat inside source static tcp 192.168.1.150 25 interface Dialer1 25 ! ! ip access-list standard SNMP-ALLOWED permit 192.168.1.101 permit 192.168.1.150 deny any ip access-list standard SSH-ALLOWED permit 81.168.116.141 permit 82.152.95.189 permit 82.152.232.9 permit 82.152.83.57 permit 82.152.237.153 permit 192.168.1.0 0.0.0.255 deny any ! logging trap debugging logging 192.168.1.150 access-list 102 permit ip 192.168.1.0 0.0.0.255 any dialer-list 1 protocol ip permit snmp-server community XXXXX RW SNMP-ALLOWED ! ! control-plane ! ! line con 0 exec-timeout 120 0 no modem enable transport preferred none stopbits 1 line aux 0 line vty 0 4 access-class SSH-ALLOWED in exec-timeout 120 0 password 7 XXXXX length 0 transport preferred none transport input ssh ! scheduler max-task-time 5000 sntp server XXX.221 end

=================================================

sh ver output

Cisco IOS Software, C837 Software (C837-K9O3SY6-M), Version 12.4(8), RELEASE SOFTWARE (fc1) Technical Support:

formatting link
(c) 1986-2006 by Cisco Systems, Inc. Compiled Mon 15-May-06 23:37 by prod_rel_team

ROM: System Bootstrap, Version 12.2(11r)YV3, RELEASE SOFTWARE (fc2)

router uptime is 3 minutes System returned to ROM by reload at 11:13:05 UTC Fri May 26 2006 System restarted at 11:15:20 UTC Fri May 26 2006 System image file is "flash:c837-k9o3sy6-mz.124-8.bin"

This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:

formatting link
If you require further assistance please contact us by sending email to snipped-for-privacy@cisco.com.

Cisco C837 (MPC857DSL) processor (revision 0x600) with 62260K/3276K bytes of memory. Processor board ID FCZ093343XZ, with hardware revision 0000 CPU rev number 7

2 Ethernet interfaces 4 FastEthernet interfaces 1 ATM interface 128K bytes of NVRAM. 12288K bytes of processor board System flash (Read/Write) 2048K bytes of processor board Web flash (Read/Write)

Configuration register is 0x2102

Reply to
Jim Willsher

Jim has:-

This piqued my interest and I did a bit of reading.

There is a reference (not available to me right now) on CCO that I read. It talked about getting this behaviour when using Outside NAT.

Maybe you need to add:-

ip nat OUTSIDE source static interface Dialer1 192.168.1.150

I haven't checked the syntax and you may well not be allowed the "interface dialer1" bit and have to use the address instead.

So what will this do to the traffic. Inbound traffic with Source Address of the dialer will be NATted such that the source address will be changed to 192.168.1.150.

As far as I can see there will be no such traffic. So nothing can get broken:-)

Similarly outbound traffic with DA of 192.168.1.150 will get translated to the address of dialer1 interface. Once more there will be no such traffic passing through the router.

///Additionally///:- Inbound DNS packet contents will be inspected and A records containing the address of the Dialer1 interface will be translated to the address specified in the NAT Outside statement.

I have not tested or implemented this and have no idea if it will work but it looked promising in your context.

Please post results, good or bad.

Reply to
anybody43

....

I have realised that this is easy for me to test in the case where the Outside natted address is NOT the adderss of the router.

Anyway. It works.

Reply to
anybody43

ADSL(config)#ip nat outside source static 155.198.5.83 ? A.B.C.D Outside local IP address

ADSL(config)#ip nat outside source static 155.198.5.83 172.16.145.200 ADSL(config)#^Z ADSL#

C:\\Documents and Settings\\Administrator>ping

formatting link
Pinging
formatting link
[172.16.145.200] with 32 bytes of data:

ADSL#sh run | inc nat ip nat inside ip nat inside ip nat outside ip nat inside source route-map nonat interface Dialer1 overload ip nat outside source static 155.198.5.83 172.16.145.200 route-map nonat permit 10

Reply to
anybody43

Hi, many thanks for picking this one up, much appreciated.

Okay, I tried what you suggested (I think). I entered:

ip nat outside source static 82.152.114.61 192.168.1.150

When I saved the config I noticed this on my consle:

05:14:08: %SYS-5-CONFIG_I: Configured from console by consol 05:14:41: %IP-4-DUPADDR: Duplicate address 192.168.1.150 on Ethernet0, sourced by 000f.xxxx.xxxx

But the results were not what I had expected. Browsing the domain name from inside the network now works a treat - excellent! Sadly, browsing from the internet no longer worked :-(

So I've had to remove the command and now I'm back to the "outside works, inside doesn't" situation.

I noticed your comment about the DNS and the router. Unfortunately they are both the same IP, and I can't change. Hence why NAT is in use.

SO it looked so promising - until I realised external access no longer worked (page not found).

Can you think of anything else I can try?

Many thanks,

Jim

Reply to
Jim Willsher

Oh dear. Of course, (well its obvious now:-) the router must be 'hosting' the address 192.168.1.150 on the inside. I guess it will respond to arps for that address and is apparently looking out for duplicates.

I have tried a couple more things here.

ip nat inside source route-map nonat interface Dialer1 overload ip nat outside source static 155.198.5.83 172.16.145.35

ADSL#sh arp Protocol Address Age (min) Hardware Addr Type Interface Internet 172.16.145.37 1 0002.a545.2244 ARPA Ethernet0 Internet 172.16.145.36 77 000d.5e48.0bc7 ARPA Ethernet0 Internet 172.16.145.35 - 0013.1996.5db7 ARPA Ethernet0 Internet 172.16.145.1 - 0013.1996.5db7 ARPA Ethernet0

I had a telnet session from .35 to the router (.1). As soon as I added the NAT I lost the session.

Whn I ping .35 from .37 the router responds.

C:\\Program Files>arp -a

Interface: 192.168.67.249 --- 0x3 Internet Address Physical Address Type 192.168.67.1 00-0b-5f-78-f3-bf dynamic

Interface: 172.16.145.37 --- 0x20002 Internet Address Physical Address Type 172.16.145.1 00-13-19-96-5d-b7 dynamic 172.16.145.35 00-13-19-96-5d-b7 dynamic

C:\\Program Files>ping 172.16.145.35 -t

Pinging 172.16.145.35 with 32 bytes of data:

Reply from 172.16.145.35: bytes=32 time=1ms TTL=255 Reply from 172.16.145.35: bytes=32 time=1ms TTL=255 Reply from 172.16.145.35: bytes=32 time=1ms TTL=255

## However

When I use ip nat outside source static 155.198.5.83 172.16.145.200

I dont get this ARP entry and the router does /not/ respond to a ping for 172.16.145.200.

Weird.

Reply to
anybody43

Sorry, the netmask was not what I expected. Local router address is 172.16.145.1/25. I had assumed /24. I forgot that I had changed it a while back.

Reply to
anybody43

Whoa, you've lost me :-) So do you think you're onto a winner, or should I throw the 837 out of the window?

I appreciate your help!

Jim

Reply to
Jim Willsher

Hi,

Stick with me on this one, Jim - This is the way to do it and it will work. What we need to do is find out were you go wrong.

... .

did you omit ACL 102 from your cfg ? I dont see it anywere

I dont see the ip nat inside source static 192.168.1.150 82.152.114.61 extendable line anywhere

Here is what you do:

  1. remove ALL you present NAT entries and add the one I sugguested: C/P this : cle ip nat trans * no ip nat inside source static tcp 192.168.1.150 443 interface Dialer1 443 no ip nat inside source static tcp 192.168.1.150 80 interface Dialer1 80 no ip nat inside source static tcp 192.168.1.150 21 interface Dialer1 21 no ip nat inside source static tcp 192.168.1.150 110 interface Dialer1 110 no ip nat inside source static tcp 192.168.1.150 25 interface Dialer1 25 ip nat inside source static 192.168.1.150 82.152.114.61 extendable

This will do it, if you do not get any error msg, cause of ANT in use.

HTH Martin Bilgrav

Reply to
Martin Bilgrav

Also just to make sure add: ip subnet-zero

Reply to
Martin Bilgrav

Hi Martin,

Many thanks for persisting :-)

Before I try it though, won't these lines:

prevent my websites from working? Surely nobody on the WAN will be able to see them, as by removing these, there's nothing to say that http (80) is on 192.168.1.150, etc.

Jim

Reply to
Jim Willsher

yes - correct, but the last line (not in your C/P) brings it back online instantly, so only current session gets broken as you clear NAT. no big deal.

Reply to
Martin Bilgrav

On Mon, 29 May 2006 21:28:37 +0200, "Martin Bilgrav" wrote:

Sorry, I'm obviosuly being a bit silly here. I just don't want to get it wrong!

For the avoidance of doubt, I've pasted my *full* running-config below. I still can't see how my server will be accessible from the web after I make your changes. We're removing the port 80, port 443 etc ines, but we're not replacing them with anything. So either nothing will get to my server, or EVERYTHING will get to my server (DMZ). Or am I misreading the situation?

Anyway, my *entire* config follows. Thank you *so much* for being so patient with my clear lack of Cisco skills :-)

=============

! ! Last configuration change at 10:28:19 BST Sun May 28 2006 ! NVRAM config last updated at 08:36:36 BST Tue May 30 2006 by XXX ! version 12.4 no service pad service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname router ! boot-start-marker boot-end-marker ! memory-size iomem 5 enable secret 5 XXXXX ! aaa new-model ! ! aaa authentication ppp default local aaa authorization network default if-authenticated ! aaa session-id common ! resource policy ! clock timezone GMT 0 clock summer-time BST recurring last Sun Mar 1:00 last Sun Oct 3:00 ! ! no ip dhcp use vrf connected ip dhcp binding cleanup interval 10 ip dhcp excluded-address 192.168.1.1 192.168.1.10 ip dhcp excluded-address 192.168.1.101 192.168.1.254 ! ip dhcp pool JIMDESKTOP host 192.168.1.101 255.255.255.0 client-identifier 0100.e018.fe31.ff default-router 192.168.1.1 dns-server 212.104.130.9 212.104.130.65 lease 0 12 ! ip dhcp pool CLIENT import all network 192.168.1.0 255.255.255.0 default-router 192.168.1.1 dns-server 212.104.130.9 212.104.130.65 lease 0 12 ! ! ip cef no ip domain lookup ip domain name home.lan ip ssh version 2 login block-for 120 attempts 3 within 120 login delay 3 login on-failure log login on-success log vpdn enable ! vpdn-group 1 ! Default PPTP VPDN group accept-dialin protocol pptp virtual-template 1 ! ! ! ! username XXX password 7 XXXXX ! ! ! ! ! interface Ethernet0 ip address 192.168.1.1 255.255.255.0 ip nat inside ip virtual-reassembly ip tcp adjust-mss 1452 hold-queue 100 out ! interface Ethernet2 no ip address hold-queue 100 out ! interface ATM0 description ADSL Broadband Interface no ip address ip nbar protocol-discovery atm vc-per-vp 64 no atm ilmi-keepalive dsl operating-mode auto pvc 0 0/38 encapsulation aal5mux ppp dialer dialer pool-member 1 ! ! interface FastEthernet1 duplex auto speed auto ! interface FastEthernet2 duplex auto speed auto ! interface FastEthernet3 duplex auto speed auto ! interface FastEthernet4 duplex auto speed auto ! interface Virtual-Template1 ip unnumbered Ethernet0 ip mroute-cache peer default ip address pool VPN-CLIENT ppp encrypt mppe auto required ppp authentication ms-chap ms-chap-v2 ! interface Dialer1 ip address 82.152.114.61 255.255.255.252 ip mtu 1492 ip nat outside ip virtual-reassembly encapsulation ppp ip tcp adjust-mss 1452 dialer pool 1 dialer-group 1 ppp authentication chap pap callin ppp chap hostname snipped-for-privacy@adsl.XXX.co.uk ppp chap password 7 XXX ppp pap sent-username snipped-for-privacy@adsl.XXX.co.uk password 7 XXX ppp ipcp dns request ppp ipcp wins request ! ip local pool VPN-CLIENT 192.168.1.251 192.168.1.254 ip route 0.0.0.0 0.0.0.0 Dialer1 ! no ip http server no ip http secure-server ip dns server ! ip nat inside source list 102 interface Dialer1 overload ip nat inside source static tcp 192.168.1.150 443 interface Dialer1

443 ip nat inside source static tcp 192.168.1.150 80 interface Dialer1 80 ip nat inside source static tcp 192.168.1.150 21 interface Dialer1 21 ip nat inside source static tcp 192.168.1.150 110 interface Dialer1 110 ip nat inside source static tcp 192.168.1.150 25 interface Dialer1 25 ! ! ip access-list standard SNMP-ALLOWED permit 192.168.1.101 permit 192.168.1.150 deny any ip access-list standard SSH-ALLOWED permit 81.168.124.101 permit 192.168.1.0 0.0.0.255 deny any ! logging trap debugging logging 192.168.1.150 access-list 102 permit ip 192.168.1.0 0.0.0.255 any dialer-list 1 protocol ip permit snmp-server community public RW SNMP-ALLOWED ! ! control-plane ! ! line con 0 exec-timeout 120 0 no modem enable transport preferred none stopbits 1 line aux 0 line vty 0 4 access-class SSH-ALLOWED in exec-timeout 120 0 password 7 XXXX length 0 transport preferred none transport input ssh ! scheduler max-task-time 5000 ntp clock-period 17179402 ntp server 212.104.129.221 end

=============

Reply to
Jim Willsher

Jim Willsher schrieb:

AFAIR this feature was introduced in 12.3(11)YS and did not make it into

12.4 mainline. It should be in 12.4T train.
Reply to
Uli Link

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.