Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
710
Views
0
Helpful
5
Replies

NAT problem!!!

riz_432
Level 1
Level 1

‎06-03-2005 02:48 PM - edited ‎03-03-2019 09:44 AM

the network goes as follows

INSIDE----NAT ROUTER-OUTSIDE

now we have changed the ip of our server which is residing in the inside network and we have enabled a nat on the router where the old ip is being natted to the new one. Now the problem is the clients applications(all of which are residing on the outside ) which uses the old ip are working fine but the one with new ips are not.may be the problem is when the client send a packet with new server ip as the destination ip the router routes it through without natting(as i dosent qualifies for nat) but when the server replies to the same request with the new ip as source (as it is the only ip server knows or has) the router nats it to th old ip and the client configured for new ips reject these packets.

Now is there a way around to this problem.and the process of migrating clients to the new ip will take time so a solution is desperatly needed.

Labels:
0 Helpful
5 Replies 5

Georg Pauwen
VIP
VIP

‎06-03-2005 10:19 PM

Hello,

not sure about your timeline, but keep in mind that the default timeout for NAT translations on Cisco routers is 24 hours. Can you post the configuration of your router (and indicate which is the old and which the new IP address of the server) ?

Regards,

GP

0 Helpful

riz_432
Level 1
Level 1
In response to Georg Pauwen

‎06-05-2005 08:42 AM

time line dont qualify as static nat is being used and i dont think it is necessary to print my config for the problem stated above.time outs are for dynamic nat.

0 Helpful

Georg Pauwen
VIP
VIP
In response to riz_432

‎06-05-2005 12:13 PM

Hello,

are you routing the network to which the original IP address is assigned ?

Posting your configuration might reveal some hints (regardless of the timeouts), understandable that sometimes that is not possible for various (security) reasons. Just make sure that your original (source) network is being routed correctly.

Regards,

GP

0 Helpful

riz_432
Level 1
Level 1
In response to Georg Pauwen

‎06-05-2005 12:31 PM

routing is not the issue sever is in the inside network and clients are in outside . the new ip is in the inside network(old ip is now just a virtual ip which is there on the router) and routing is being done properlly thats is why the clients using old server ips are running properly

0 Helpful

Tony.henry
Level 1
Level 1

‎06-05-2005 06:58 PM

Riz,

I'm not sure there is a short simple ciscoesque answer to this particular problem.

It sounds like you need change the way the client operates to use a name rather than an IP address.

I'm afraid that I think your correct in your assertion that the NAT router is performing NAT on the outgoing responses from the new IP addresses to the old which in turn is rejected by the client.

Maybe a statefull firewall may have some chance of being able to do what you'd like this to do, as it would keep track of who made a connection to what address and perform NAT accordingly. I wouldn't bank on it though.

That said I think DNS might be the go rather than trying this on a firewall.

Tony Henry

0 Helpful
Customers Also Viewed These Support Documents