Hello,
We have a router NATing a number of public IPs to internal Private IPs. It works fine when connecting from Outside the network. But fails when trying to connect from a different VLAN behind the same router on our internal network.
E.G.
This is from Internet which works fine:
tracert -d 85.13.140.202
Tracing route to 85.13.140.202 over a maximum of 30 hops
1 <1 ms <1 ms <1 ms x.x.x.x
2 1 ms 2 ms <1 ms x.x.x.x
3 1 ms <1 ms <1 ms x.x.x.x
4 2 ms 1 ms 1 ms 62.255.158.211
5 6 ms 7 ms 4 ms 213.104.146.109
6 * * * Request timed out.
7 5 ms 5 ms 5 ms 80.0.0.86
8 47 ms 8 ms 230 ms 80.0.0.10
9 12 ms 12 ms 12 ms 62.252.29.56
10 12 ms 12 ms 12 ms 81.0.194.2
11 14 ms 12 ms 12 ms 85.13.140.202
12 12 ms 12 ms 12 ms 85.13.140.202
13 11 ms 11 ms 11 ms 85.13.140.202
Trace complete.
But when trying the same from the internal network:
>tracert 85.13.140.202
Tracing route to 85.13.140.202 over a maximum of 30 hops
1 3 ms <1 ms <1 ms 192.168.0.2
2 <1 ms <1 ms <1 ms 192.168.255.1
3 1 ms 1 ms 1 ms 192.168.244.1
4 1 ms <1 ms <1 ms 81.0.194.2
5 * * * Request timed out.
6 * * * Request timed out.
7 * * * Request timed out.
8 * * * Request timed out.
Router Config Looks like this:
!
interface GigabitEthernet0/1
description [ To Internet Gateway Router ]
ip address 81.0.194.1 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
ip accounting output-packets
ip nat outside
ip virtual-reassembly in
load-interval 30
duplex full
speed auto
!
interface GigabitEthernet0/2
description [ Internal Interface ]
ip address 192.168.244.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip accounting output-packets
ip nat inside
ip virtual-reassembly in
duplex full
speed auto
!
ip nat inside source route-map internet interface GigabitEthernet0/1 overload
ip nat inside source static 192.168.55.202 85.13.140.202 extendable
ip route 0.0.0.0 0.0.0.0 81.0.194.2
ip route 192.168.55.0 255.255.255.0 192.168.244.2
It looks like when traffic is going from inside network it gets routed out the internet interface instead of back inside the network?
Thanks