[c-nsp] IP NAT help
Collins, Richard (Com US)
rich.collins at siemens.com
Tue Aug 29 14:57:08 EDT 2006
So your internal host sees a packet with a source address of
172.30.10.xx
What does the routing table in your internal host show for the network
172.30.10.0/ ? It
should show that the route takes it back over the outside nat interface
to the Customer RTR.
-Rich
>Date: Tue, 29 Aug 2006 13:57:51 +1000
>From: "Ivan c" <ivannetw at gmail.com>
>Subject: [c-nsp] IP NAT help
>To: cisco-nsp at puck.nether.net
>Message-ID:
> <75b1b4850608282057o76b89533g83570d15538c26a9 at mail.gmail.com>
>Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
>Hi All,
>
>I have an issue with NAT as was looking for some guidance. Thanks up
front!
>
>I have an external router that does both source and destination NAT of
the
>addresses.
>
> fa0/0
>fa0/1
>Customer RTR<---------------------------------------->My
>RTR<------------------------------------->internal host (172.30.13.xx)
>Source 203.13.xx.xx NAT
source
>172.30.10.xx
>Dest 203.6.xx.xx
>dest 172.30.13.xx
>
>Traffic imitated from 203.13.xx.xx to 203.6.xx.xx gets NATed at my
router to
>an internal source address of 172.30.10.xx and a destination of
172.30.13.xx
>.
>
>So I tried the following
>
>interface Fa0/0
>ip nat outside
>
>interface Fa0/1
>ip nat inside
>
>ip nat inside soruce static 172.30.13.xx 203.6.xx.xx
>ip nat outside source static 203.13.xx.xx 172.30.10.xx
>
>I do a tcpdump on the inside interface (mirror port on switch) and I
see the
>traffic destined for the internal host using the NAT addresses, but
when the
>internal hosts tries to syn back to my router, the router sends back a
icmp
>destination host unreachable?
>
>Thanks
>Ivan
More information about the cisco-nsp
mailing list