Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
496
Views
0
Helpful
1
Replies

Strange NAT/PAT behavior

Chess Norris
Level 4
Level 4

‎11-10-2022 01:26 AM

Hello,

We want to translate outgoing traffic to a specific public IP based on source interface and then use the outside Interface address as a backup if the PAT pool gets exhausted.

This is the configuration I’m using for this:

I have created a dynamic auto NAT rule, where I specified the source and destination interface. On the translation TAB, I use the internal addresses as original source and the Public address as translated source. Finally, on the advanced TAB I have enabled the option “Fallthrough to Interface PAT(Destination Interface)”

The strange thing is that the users are getting the Interface address instead of the address we specified as “translated source” I thought that the option “Fallthrough to Interface PAT(Destination Interface) mean that the interface address would only be used as a backup if the PAT pool gets exhausted. Am I wrong about this?

Thanks

/Chess

0 Helpful
1 Reply 1

MHM Cisco World
VIP
VIP

‎11-13-2022 10:48 AM

as I know from router IOS, the behave as following 
the traffic port will check if the port is free for interface1 then ok 
if the port is not free for interface 1 then the IOS will used the second interface and check it port is it free if yes then it will use interface2. 
and I think this is same in FTD.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card