Hi all,

I have a problem with nat

I have the following topology, I ve got static nat entries for each servers and overload for other users.

When servers / users accesing to internet or from internet to servers there is no issue.

Problem is when i try to reach server 192.168.1.1 via its public ip (10.10.10.2) from server 192.168.1.2 with tcp (80, 1433 etc) it fails

If i try to ping 10.10.10.2 from 192.168.1.2 i can get replies

when i check the nat translations  i can see that server 192.168.1.1's ip address is nated to 10.10.10.2 and 192.168.1.2 to 10.10.10.3

also when i run debug while i try to access to 10.10.10.2 with tcp packets i can see that packet is routed with source ip 10.10.10.3 and destination ip 10.10.10.2

am i missing somthing?

here is the sample config;

!
interface FastEthernet0/0
ip address 10.10.10.1 255.255.255.248
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.1.254 255.255.255.0
ip nat inside

ip virtual-reassembly
duplex auto
speed auto
!

ip nat inside source list 1 interface FastEthernet0/0 overload
ip nat inside source static 192.168.1.1 10.10.10.2 extendable
ip nat inside source static 192.168.1.2 10.10.10.3 extendable

!

access-list 1 permit 192.168.1.0 0.0.0.255

BR.

Burak