07-03-2016 03:43 PM - edited 03-08-2019 06:28 AM
I configured NAT overload (PAT) on the outside interface(WAN ineterface) and static NAT on router 1921/K9, but i noticed that the PAT usually preferred. here is the config :
interface GigabitEthernet0/0
ip address X.X.X.66 255.255.255.240
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
ip nat inside source list 1 interface GigabitEthernet0/0 overload
ip nat inside source static Y.Y.9.140 X.X.X.71
i
i
access-list 1 permit Y.Y.0.0 0.0.255.255
!
the version of the IOS is 15.2(1)T3.
07-03-2016 08:41 PM
Hi
Sorry I don't get your concern.
When you configure a one-to-one static nat, you will see it as permanent using the show ip nat translation.
Could you detail more your concern Please?
Thanks
PS: Please don't forget to rate and mark as correct answer if this solved your issue
07-04-2016 03:18 AM
Hi,
thanks for your response.
As i said i configured :
-NAT Overload : for all users using internet.
- Static NAT : for the IMSVA Server (emails).
when i did the debug and the show ip nat translations, i see that the nat work properly :
Router-INTERNET1#sh ip nat translations | i Y.Y.9.140
tcp X.X.X.71:25 Y.Y.9.140:25 54.240.10.161:33383 54.240.10.161:33383
tcp X.X.X.71:25 Y.Y.9.140:25 148.251.215.26:55904 148.251.215.26:55904
Router-INTERNET1# Debug ip nat
Jun 29 16:20:35.763: NAT*: s=64.20.227.134, d=X.X.X.71->Y.Y.9.140 [7816]
Jun 29 16:20:35.763: NAT*: s=Y.Y.9.140->X.X.X.71, d=64.20.227.134 [53795]
The IMSVA Server must use the Static NAT but when i analyze the header of the email i found the NAT Oveload not static.
best regards
07-04-2016 06:51 AM
Hi
I missing something. When you're doing a nat one-to-one, the IP header will be the static nat IP you've configured. your IMSVA Trend Micro has the IP y.y.9.140 right?
I would like to have 2 outputs if you don't mind:
1. On the ACL of dynamic NAT, Could you add a 1st line to deny the traffic from that machine to any. And check again your header.
2. Could you provide a wireshark trace to show me which header do you have?
On your traces, everything show correct natting.
Thanks
PS: Please don't forget to rate and mark as correct answer if this answered your question
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide