Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1151
Views
0
Helpful
1
Replies

Random applications / websites become inaccessible after disabling interface source-nat

vinayak-nayak
Level 1
Level 1

‎10-20-2019 05:00 PM

Hi All,

All the internet traffic that egress from the exit point gets source-natted to the public ip on the interface having the ISP link. Now, if the source-nat on the interface is turned off then many applications stop working or being accessible. There is no such specific configuration on the firewall for those applications. I am unable to understand this dependency of internal traffic need of being mapped to public ip for accessing certain applications for example teamviewer etc ? Is there any white-listing that the service provider needs to do on his end ?  

 

Note : When the source-nat is removed the internal private ip's (user vlan) go out without any NAT.

 

The reason of switching off the NAT is to make the individual sites (subnets) visible to the Zscaler, as the user traffic first goes to the Zscaler for policy checks and then gets redirected to their destinations. There is no nat on the Zscaler.

 

Thanks

Labels:
0 Helpful
1 Reply 1

Deepak Kumar
VIP Alumni
VIP Alumni

‎10-20-2019 10:17 PM

Hi,

Share your running configuration. 

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card