Solved: Re: Ping replies to IPs which configured for port forwarding

lingamt90 · ‎03-17-2021

Please refer to the port forwarding configured on the following running-config of my router. (IPs changed for security concern).

Public IPs for the port warding are not configured on any of the interfaces on the router or there is no static route to those IPs.

However, when you ping to those public IPs, the router replies to them. Is it normal? What I am confused with it is that there is no entry in the routing table for those IPs as they are configured on the port forwarding only, how are they responding to the ping.

ip nat inside source static tcp 192.168.2.10 20 68.98.20.133 20 extendable
ip nat inside source static tcp 192.168.2.10 21 68.98.20.133 21 extendable
ip nat inside source static tcp 192.168.2.10 22 68.98.20.133 22 extendable
ip nat inside source static tcp 192.168.2.10 25 68.98.20.133 25 extendable
ip nat inside source static tcp 192.168.2.10 80 68.98.20.133 80 extendable

ip nat inside source static tcp 192.168.2.17 25 68.98.20.134 25 extendable
ip nat inside source static tcp 192.168.2.17 80 68.98.20.134 80 extendable

ip nat inside source static tcp 192.168.2.17 1433 68.98.20.134 1433 extendable
ip nat inside source static tcp 192.168.2.17 3389 68.98.20.134 3389 extendable

ip nat inside source static tcp 192.168.2.14 143 115.233.31.105 143 extendable
ip nat inside source static tcp 192.168.2.14 443 115.233.31.105 443 extendable
ip nat inside source static tcp 192.168.2.14 1433 115.233.31.105 1433 extendable
ip nat inside source static tcp 192.168.2.14 3389 115.233.31.105 3389 extendable

ip nat inside source static tcp 192.168.2.220 993 115.233.31.106 993 extendable
ip nat inside source static tcp 192.168.2.220 995 115.233.31.106 995 extendable
ip nat inside source static tcp 192.168.2.220 1433 115.233.31.106 1433 extendable
ip nat inside source static tcp 192.168.2.220 2221 115.233.31.106 2221 extendable
ip nat inside source static tcp 192.168.2.220 3389 115.233.31.106 3389 extendable

paul driver · ‎03-17-2021

Hello

@lingamt90 wrote:

Please refer to the port forwarding configured on the following running-config of my router. (IPs changed for security concern).

Public IPs for the port warding are not configured on any of the interfaces on the router or there is no static route to those IPs.

However, when you ping to those public IPs, the router replies to them. Is it normal? What I am confused with it is that there is no entry in the routing table for those IPs as they are configured on the port forwarding only, how are they responding to the ping.

It doesn’t matter, those inside global address don’t have to reside on any interface they just need to be reachable from the public network towards your nat router and obviously you need to be the valid owner of them, How they get advertised is another question, either by the ISP you are with or you are performing it.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

paul driver · ‎03-17-2021

Hello

@lingamt90 wrote:

Please refer to the port forwarding configured on the following running-config of my router. (IPs changed for security concern).

Public IPs for the port warding are not configured on any of the interfaces on the router or there is no static route to those IPs.

However, when you ping to those public IPs, the router replies to them. Is it normal? What I am confused with it is that there is no entry in the routing table for those IPs as they are configured on the port forwarding only, how are they responding to the ping.

It doesn’t matter, those inside global address don’t have to reside on any interface they just need to be reachable from the public network towards your nat router and obviously you need to be the valid owner of them, How they get advertised is another question, either by the ISP you are with or you are performing it.

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

lingamt90 · ‎04-01-2021

Hi Paul,

I am convinced by your explanation. Thank you By the way, the IP block is advertised by the ISP.