07-09-2003 07:07 AM - edited 03-02-2019 08:44 AM
Has anyone ever seen this before? We have NAT set up on a 3640 router as follows:
ip nat inside source static 172.16.38.200 172.16.95.7
ip nat outside source static 172.16.95.7 172.16.38.200
When we send something from 172.16.38.200, the router is not translating it to 172.16.95.7. It had been doing this just fine for months, but suddenly just stopped. Translation is working in the opposite direction. Here's another weird thing: we have 12 other translations setup on this router, just like these (with different IP addresses, obviously). These are working fine. If we reboot the router, this translation may start working, but another will stop! When we put our sniffer on the outside of the router, we see the IP addresses coming thru as 172.16.38.200, not 172.16.95.7. Has anyone ever seen anything like this before? Any help is very much appreciated!!!
Thank you,
Steve
07-09-2003 07:50 AM
remove the second statement. One static map is all you need. It might be geting confused from that. clear ip nat translations after removing the outside map.
07-09-2003 07:55 AM
Steve
You dont really need the outside source static command for every input source static entry that you key in. When packets go from inside to outside, those with source address of 172.16.38.200 will be translated to 172.16.95.7. When the packet returns back, the destination address field will have 172.16.95.7 and this is translated using the same entry, back to 172.16.38.200.
Hope that helps.
07-09-2003 08:18 AM
Thank you for your response! I did not mention this, but I think we want to leave it in, as the outside also needs to be able initiate communications with the inside devices.
07-09-2003 08:23 AM
From the outside, if communications are initiated using the 95.7 address, then you dont need the outside source entry. Otherwise you do.
07-09-2003 08:37 AM
Okay, I will give that a try. Thank you for your help!
07-10-2003 08:45 AM
The router is now NAT-ing everything again. it is really odd. It got down to one particular network that I could not get any NAT translations to happen for. After making some other, seemingly non-related changes, NAT began translating again for that network! We had a protocol analyzer on a device on the outside and could see the IP traffic for that network coming thru not translated. I had debug IP NAT going on the router and did not see translations for that network. After making the seemingly non-related changes, the router suddenly began doing the translations again for that network. Weird.
I removed all the outside source entries and everything is still working. Thank you for the suggestion! There is no sense having a bunch of redundant stuff in there if it is not needed.
Steve
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide