Beginner

One-to-one NAT - pc incorrectly taking router's ip address

I have an RV082 v4.2.3.03 that is causing issues with 2 local computers on the lan.  For whatever reason these 2 computers stop responding to the public ip addresses I have set up in the one-to-one nat.  A check of the IP shows each of the 2 computers taking the public ip address of the router.  When this happens, then RDP access fails from the outside as does web traffic to the internal web server since the public ips are not routing to the ones assigned.  I have tried the following with no luck:

 

  1. Delete the one-to-one nat settings for each computer on the router and recreate them.
  2. Disable the firewall.
  3. Review firewall rules
  4. Enable DMZ for each of the pcs.
  5. Reset the network settings on each pc, reboot.

This has happened about 4 times over the past 6 months and despite my troubleshooting I end up giving up and then miraculously at some point each of the computers starts pulling their correct public ip addresses again.  So, I'm not doing anything to bork the setup and I'm not doing anything to fix it.

We've also had some weird DNS time out issues on the network so I'm not sure if that's related or not.  The router is not handling DNS requests.

So, I'm completely dumbfounded as to why one-to-one nat is failing on these 2 computers.  The other 3 computers configured for one-to-one nat on the router NEVER experience the same issues.  The 2 boxes with the problem are running Windows Server 2008 R2 Standard and Windows 7 Pro 32 bit.  I recall this happened on v2 hardware on the same router which prompted me to purchase the newer hardware version thinking that would fix it but apparently it did not and perhaps it's not a router info.  What is causing 1-to-1 nat to not work on some pcs?

If anyone can help me out I'd greatly appreciate it!

 

UPDATE:  I can ping the public ip address in question from an internal workstation but the ping fails when trying outside the network.  Also, I recall in the past even when the wrong public ip address was assigned, I could sometimes still connect with the other correct public ip address from outside the network.  That had me scratching my head even more!

 

Thanks,

Tom

Beginner

For whatever reason this issue will remain for a period of time and then it disappears and everything functions normally again.  Well, after a period of functionality I'm back to these 2 boxes unable to attain their external ip address and become "invisible" from the outside.  Sometimes outbound Internet from these 2 devices is down and other times not.  I have reset the router back to factory defaults and reconfigured and get the same issue.  I have tried a different hardware version of the same router and get the same routing oddities.   I'm at a loss.  Anyone have a good thought on this?

 

A couple of additional observations.  One of these problematic machines has a webcam webserver on it.  While I can't get one-to-one nat working I can get port forwarding to work and I can then access the webcam from the outside using the router's ip address, just not the server's ip address.

Also, I can ping the external ip address of each successfully from the LAN but the ping fails to those same ip's outside the LAN.  That sure seems like a firewall issue but I get the same behavior if I totally disable the firewall.  Not sure if that helps or not.

Contributor

What are all the MAC address of the systems and the rv involved?  I know it's extremely unlikely, but a duplicate MAC would cause all sorts of issues.

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com
Beginner

I'm not seeing any duplicate MAC's on the network but I'm just manually looking at a list of MAC's after a network scan.  Is there a tool good for weeding out duplicate macs?

 

Also, the router is configured to use a spoofed mac address.  Not sure if that would cause any issue.  I also note the default mac on the router 88:1D:FC:5D:22:AD is not what shows up in a network scan.  The scan shows a mac of 88:1D:FC:5D:22:AC, just the last character is different.  Oddly, that is not what I have specified to be the spoofed mac address.  Perhaps that is only seen from the outside?  I'm hesitant to set the router back to the default mac given all the weird issues I've experienced lately.

Contributor

No tool that I know of.  You could ping all your IP addresses and then check the arp table, but I know those entries can expire pretty quickly on xp, so you could miss one (the one you might need too).

Why did you set the router MAC to something other than default?  Did you clone the MAC of a system on the network?

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com
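
The ping-then-check-the-ARP-table approach suggested above can be scripted. The following is an added example, not code from any poster in this thread: it parses saved `arp -a` output in the Windows format, lists MAC addresses that appear under more than one IP, and compares two snapshots to show any IP whose MAC changed, which is how an address conflict shows up in an ARP cache. The snapshots and every address in them are constructed.

```python
import re
from collections import defaultdict

# Constructed samples in Windows `arp -a` format; all addresses are made up.
SNAPSHOT_1 = """
Interface: 192.168.1.10 --- 0xb
  Internet Address      Physical Address      Type
  192.168.1.1           00-11-22-33-44-01     dynamic
  192.168.1.20          00-11-22-33-44-20     dynamic
  192.168.1.21          00-11-22-33-44-20     dynamic
  192.168.1.30          00-11-22-33-44-30     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
  224.0.0.22            01-00-5e-00-00-16     static
"""
# Taken later: 192.168.1.30 is now answered by a different MAC.
SNAPSHOT_2 = SNAPSHOT_1.replace("00-11-22-33-44-30", "00-11-22-33-44-99")

ROW = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+([0-9a-f]{2}(?:[-:][0-9a-f]{2}){5})\s+\w+",
    re.I | re.M,
)

def parse_arp(text):
    """Return {ip: mac} for unicast entries, MACs normalised to aa:bb:cc:..."""
    table = {}
    for ip, mac in ROW.findall(text):
        mac = mac.lower().replace("-", ":")
        if int(mac[:2], 16) & 1:   # group bit set: broadcast or multicast row
            continue
        table[ip] = mac
    return table

def duplicate_macs(table):
    """MACs seen under more than one IP. Can be legitimate (multi-homed host,
    proxy ARP), so treat each hit as something to explain, not as proof."""
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}

def changed_ips(before, after):
    """IPs present in both snapshots whose MAC differs: {ip: (old, new)}."""
    return {ip: (before[ip], after[ip])
            for ip in before.keys() & after.keys() if before[ip] != after[ip]}

if __name__ == "__main__":
    first, second = parse_arp(SNAPSHOT_1), parse_arp(SNAPSHOT_2)
    print("duplicate MACs:", duplicate_macs(first))
    print("IP -> MAC changes:", changed_ips(first, second))
```

Because ARP entries expire, ping the whole range immediately before saving each snapshot so no host is missing from the table.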
Beginner

Not sure about the reasoning behind using the MAC address clone.  It's just been in the configuration of every router we've had going back 10+ years and I'm not sure what the original device was that had that mac.  Probably some computer we had from years ago on our network.

Your reference to the mac clone had me intrigued so I set the router's mac back to the default and things went haywire.  When I did that, 2 out of the 6 public ip addresses we have began failing ping tests and were no longer accessible from the outside.  I cleared our modem's arp cache and that did not affect anything.  I plugged the cloned mac back into the router configuration and those 2 ip addresses sprang back to life.  I have no clue why 2 ips fail while the others remained unaffected.

Continued to be absolutely baffled on this issue!

Contributor

I think we're getting somewhere. :)

Talk to your ISP and find out if they're using MAC binding with the IP addresses.  If so, then see if you can change the MACs to the default ones on the router.  Then you can eliminate the MACs as a possible cause, if it doesn't fix the problem completely.

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com
Beginner

Thanks.  I'll check on that but probably won't make any more adjustments until after hours.  Don't want to continue to knock our users offline!  Explain MAC binding on the ISP end of things a bit more if you could.  Thanks.

Contributor

I definitely understand.  No need to make any unneeded downtime.

A lot of ISPs will bind the service or a particular IP to a particular MAC address.  Knology used to do this when I was their customer.  Each time I changed a router or a computer that was directly connected to their modem, I had to call them to change the MAC address binding on their side.  They would ask me for the new MAC address, and only after their system updates my device would get the IP.  Prior to that it would not (and similar to yours, could not be pinged). 

An ISP with multiple IP addresses to a customer might bind each IP address to a particular MAC address to keep the IPs consistent.  Again though, if a MAC changed, the IP may no longer work (and ping wouldn't either).  Hope this helps. 

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com
Beginner

Well, it's been nearly 3 weeks since the last anomaly and it happened again today in the wee hours of the morning.  2 devices lost their external ip address and were not pingable from the outside.  A call to the ISP  and the usual steps of clearing the ARP cache, rebooting devices, etc yielded no fixes.  They bumped the ticket up to the "Test Desk" and they were able to find some info on this problem not previously discovered.  Turns out a prior customer had our block of ip addresses and they still had equipment trying to bridge to those ip addresses that we now have.  When that happens, we lose routing ability with those devices.  The tech was able to clear the ARP on their equipment and we were immediately pingable again.  So, I think we may have found a solution after many nerve wracking months!   Glad it wasn't something on our end but we'll continue to monitor.  Thanks for the input!

Contributor

Wow, I wouldn't have thought an ISP would have done something that stupid.  Make sure that your IPs are yours.  Glad it wasn't the router or anything on your end. :)
 

Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com