Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
389
Views
5
Helpful
1
Replies

Nat

fabrice.demierre
Level 1
Level 1

‎07-29-2005 04:07 AM

Hi,

Somebody can explain me the following line.I don't understand how I can to do that. The server 192.168.31.18 don't arrive to connect in smtp to the server 192.168.5.137.

Thanks

--------------- ----- --------------- ----- --------------- --- ------- ------

Src Address SPort Dst Address DPort NAT Dst Address Prt InPort OutPort

--------------- ----- --------------- ----- --------------- --- ------- ------

192.168.31.18 10749 192.168.5.137 25 192.168.31.17 TCP 1/1-56 1/1-56

Labels:
0 Helpful
1 Reply 1

Gilles Dufour
Cisco Employee
Cisco Employee

‎07-29-2005 06:32 AM

you're going from 31.18 to 5.137 which is loadbalanced to 31.17.

31.17 and 31.18 are in the same vlan [56] so the response from the server will go back directly to the client. [normal TCP/IP routing].

Therefore, you need to nat the client ip address on the CSS.

The command to use is

group clientnat

vip 192.168.5.137

add destination service

active

This will nat all clients traffic going to server 31.17.

If you only want this for some clients only [ie vlan56] you will need to use an acl to apply the group

ie:

group clientnat

vip x.x.x.x

active

acl 1

clause 10 permit any destination content owner/rule sourcegroup clientnat

clause 99 permit any any destination any

apply all

Thanks for rating this answer.

Gilles.

Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card