cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
412
Views
0
Helpful
0
Replies
Highlighted
Beginner

Nat hairpin on router

Hi,

I have configured my cisco router 1841 with nat overload and static nat 1:1 to 2 lan client as follows:

1. LAN IP 192.168.1.2 navigate with WAN public IP, example 1.1.1.1                 - NAT Overload

ip nat pool natpool 1.1.1.1 1.1.1.1 netmask 255.255.255.0

ip nat inside source list 1 pool natpool overload

access-list 1 permit 192.168.1.0 0.0.0.255

2. LAN IP 192.168.1.132 navigate with an external public IP, example 5.5.5.5      - NAT Static

ip nat inside source static 192.168.1.132 5.5.5.5 extendable

The two lan client navigate without problem, but the hairpin test fail, in fact if I try to ping the ip 5.5.5.5 from the client 192.168.1.2 the ping is not permitted, but naturally the client with ip 192.168.1.2 is able to ping the ip 192.168.1.132.

I have configured the following route-map under the lan interface but the test fail the same

interface Vlan2

ip address 192.168.1.1 255.255.255.0

ip nat inside

ip policy route-map Nat-loop

route-map Nat-loop permit 10

match ip address 102

set ip next-hop 192.168.1.132

access-list 102 permit ip host 192.168.1.2 host 5.5.5.5

I hope one of your kind help.

Best regard.

Fabio

Everyone's tags (3)