Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
573
Views
0
Helpful
5
Replies

NAT Issue

Go to solution
navneet_78
Level 1
Level 1

‎06-10-2006 08:41 PM - edited ‎03-03-2019 12:57 PM

Hello,

I have a file transfer happening from A to Z. There is a static NAT for the source IP on my device before it goes forward towards the destination.

Now, the problem here was my client initiated an FTp file transfer from the source and was unable to do at a certain point of time. The same transfer was successful after sometime.

If the packet has to move out of A device, it has to be translated before going out, since there is a Static NAT for the source IP on my A device. Client says, that the file transfer was successful, but i did not see the NAT table getting populated and neither do i see any hits for that IP on my PIX.

xxxxxxx#sh ip nat tra

Pro Inside global Inside local Outside local Outside global

--- x.x.254.240 x.x.183.1 --- ---

--- x.x.254.241 x.x.184.1 --- ---

--- x.x.254.242 x.x.180.208 --- ---

The connectivity is as follows..

A( source Router)----->Core Router----->PIX----->Core router--->server

Config on A Router

ip nat inside source static x.x.183.1 x.x.254.240

ip route x.x.183.1 255.255.255.255 x.x.68.1

How was the file transfer successful??? Iam really confused about this. Can the packet leave the A Router without getting translated when there is a static NAT configured for it??

Appreciate your response.

Regards

Navneet

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
atif.awan
Level 3
Level 3
In response to navneet_78

‎06-11-2006 12:08 AM

Just to make sure we are on the same page here is what I understand from the information you have provided:

You have a client behind router A with ip address x.x.183.1. Router A is configured to NAT this ip address to x.x.254.240. Your show ip nat translation verifies that the inside local is x.x.183.1 and the inside global is x.x.254.240. This means that the server will see the request coming from a source ip of x.x.254.240 instead of x.x.183.1. Have I understood your setup correctly?

If yes then there is no additional information you will see in the show ip nat translation output when a client initiates a session. The source address of all packets originated from this client and leaving the router A towards the server will be changed to x.x.254.240 and like I mentioned in my previous email you can verify this by using the 'debug ip nat' command. If you are looking for additional NAT translations to get populated in the NAT table then this does not happen for static translations unless you use the extendable keyword.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
navneet_78
Level 1
Level 1

‎06-10-2006 09:43 PM

Would really appreciate if someone replies to this.

Thanx

Navneet

0 Helpful

Go to solution
atif.awan
Level 3
Level 3

‎06-10-2006 10:47 PM

The output of the 'show ip nat translation' is showing the static nat translation you have configured. Since this is a static translation you are not going to see any additional information when you issue the 'show ip nat translation command'. So in brief NAT is happening (provided your configuration is correct). If you want to confirm this you can use debug ip nat to see the addresses changing.

0 Helpful

Go to solution
navneet_78
Level 1
Level 1
In response to atif.awan

‎06-10-2006 11:11 PM

Hi,

Thanx for the response. I know there is a static NAT happening. But when the packet with a dest IP x.x.183.1 hits the router, it's source should get translated and the Outside global and local entries should be populated for it to initiate a connection with the dest server.

Pls correct me if iam wrong.

Regards

Navneet

0 Helpful

Go to solution
atif.awan
Level 3
Level 3
In response to navneet_78

‎06-11-2006 12:08 AM

Just to make sure we are on the same page here is what I understand from the information you have provided:

You have a client behind router A with ip address x.x.183.1. Router A is configured to NAT this ip address to x.x.254.240. Your show ip nat translation verifies that the inside local is x.x.183.1 and the inside global is x.x.254.240. This means that the server will see the request coming from a source ip of x.x.254.240 instead of x.x.183.1. Have I understood your setup correctly?

If yes then there is no additional information you will see in the show ip nat translation output when a client initiates a session. The source address of all packets originated from this client and leaving the router A towards the server will be changed to x.x.254.240 and like I mentioned in my previous email you can verify this by using the 'debug ip nat' command. If you are looking for additional NAT translations to get populated in the NAT table then this does not happen for static translations unless you use the extendable keyword.

0 Helpful

Go to solution
navneet_78
Level 1
Level 1
In response to atif.awan

‎06-11-2006 12:15 AM

Hi,

Yes you understood my network setup correctly. I was looking to confirm if Outside local and global fields in the NAT tables also get populated with Static NAT Entries. Got my answer.

Thnx for the detailed explanation.

Regards

Navneet

0 Helpful
Customers Also Viewed These Support Documents