05-05-2011 03:33 AM - edited 03-06-2019 04:54 PM
Hi,
I have configured my cisco router 1841 with nat overload and static nat 1:1 to 2 lan client as follows:
1. LAN IP 192.168.1.2 navigate with WAN public IP, example 1.1.1.1 - NAT Overload
ip nat pool natpool 1.1.1.1 1.1.1.1 netmask 255.255.255.0
ip nat inside source list 1 pool natpool overload
access-list 1 permit 192.168.1.0 0.0.0.255
2. LAN IP 192.168.1.132 navigate with an external public IP, example 5.5.5.5 - NAT Static
ip nat inside source static 192.168.1.132 5.5.5.5 extendable
The two lan client navigate without problem, but the hairpin test fail, in fact if I try to ping the ip 5.5.5.5 from the client 192.168.1.2 the ping is not permitted, but naturally the client with ip 192.168.1.2 is able to ping the ip 192.168.1.132.
I have configured the following route-map under the lan interface but the test fail the same
interface Vlan2
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip policy route-map Nat-loop
route-map Nat-loop permit 10
match ip address 102
set ip next-hop 192.168.1.132
access-list 102 permit ip host 192.168.1.2 host 5.5.5.5
I hope one of your kind help.
Best regard.
Fabio
05-12-2011 02:35 PM
Sorry, hairpin NAT does not work.
04-01-2012 01:27 AM
Hi,
Is that for all Cisco router? as I have a 877 and I'm trying to hairping traffic from my remote site VPN to then NAT outside my 877 to the internet.
05-20-2012 11:20 PM
Is it the official opinion from Cisco?
Has smth changed from the past year?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide