PIX Dynamic NAT Issue

Unanswered Question
Feb 7th, 2007

Here is the setup:

Scenario A

1. The network 1.1.1.0/23 is dynamically translated to 5.5.5.5 when accessing the resources 7.7.7.7 and 8.8.8.8 on port 443. This has been working for months, then last week it stopped working.

Scenario B

1. To resolve the problem on scenario A, host within the 1.1.1.0/23 network were statically translated to individual IP addresses. This is now working.

Scenario C

Another solution for scenario A is scenario C, the network 1.1.1.0/23 is translated to 5.5.5.5 upon reaching PIX, Identity NAT is applied and this setup is working.

Questions:

What caused the dynamic NAT to stopped working?

How can we restore dynamic NAT from working again?

Isolation shows that Static and Identity NAT are working.

NOTE: IP addresses here are not the actual IP Addresses in production.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
astanislaus Wed, 02/07/2007 - 05:28

Sorry. I thought the attaching file was not working and hence by mistake attached same diagram thrice.

Jon Marshall Wed, 02/07/2007 - 05:33

Hi

Could you send the config of the pix.

Also could you let us know which scenario you are currently running so the pix config makes sense.

Thanks

Jon

Actions

This Discussion