sh ip nat translations

Unanswered Question
Jun 17th, 2007

Hi,

When I run show ip nat translations on our gateway router, it comes up with an Inside Local IP address that does NOT belong to our local network. See attached.

192.168.1.0/24 does not belong to any of our users, is not in the routing table as a static route (we don't use a dynamic protocol), nor is it a configured interface on the router.

Is there a way I can trace which VLAN this IP is coming from? I ask because, before, this network 192.168.1.0/24 was flooding our NAT pool and I had to configure the following under the NAT pool ACL:

deny ip 192.168.1.0 0.0.0.255 any log

Show log:

Jun 18 2007 14:41:46.081 EST: %SEC-6-IPACCESSLOGP: list NAT_ACL denied udp 192.168.1.130(0) -> 10.0.1.1(0), 15 packets

and

Jun 18 2007 14:51:29.101 EST: %SEC-6-IPACCESSLOGDP: list NAT_ACL denied icmp 192.168.1.111 -> 71.8.70.164 (0/0), 3 packets

Could this be a DoS attack?

We are currently experiencing an Internet outage for some users, who cannot use HTTP, mail and terminal services.

Thanks

anandramapathy Mon, 06/18/2007 - 03:43

Are there any subnets inside that are connected to a different network over VPN with the IP 192.168.1.X etc. and access the internet?
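
One way to summarise the ACL log lines quoted in the question, as an added example that is not part of the original thread: it parses the two formats shown (%SEC-6-IPACCESSLOGP and %SEC-6-IPACCESSLOGDP) and totals denied packets per source inside 192.168.1.0/24. The function names and the embedded sample log, built from the two quoted lines, are assumptions of this example.

```python
import re
from collections import Counter
from ipaddress import ip_address, ip_network

# Constructed sample input: the two log lines quoted in the question.
SAMPLE_LOG = """\
Jun 18 2007 14:41:46.081 EST: %SEC-6-IPACCESSLOGP: list NAT_ACL denied udp 192.168.1.130(0) -> 10.0.1.1(0), 15 packets
Jun 18 2007 14:51:29.101 EST: %SEC-6-IPACCESSLOGDP: list NAT_ACL denied icmp 192.168.1.111 -> 71.8.70.164 (0/0), 3 packets
"""

# IPACCESSLOGP carries "ip(port)"; IPACCESSLOGDP carries "ip -> ip (type/code)".
LINE_RE = re.compile(
    r"%SEC-6-IPACCESSLOG(?:D?P): list (?P<acl>\S+) (?P<action>denied|permitted) "
    r"(?P<proto>\S+) (?P<src>[\d.]+)(?:\((?P<sport>\d+)\))? -> "
    r"(?P<dst>[\d.]+)(?:\((?P<dport>\d+)\)| \((?P<icmp>\d+/\d+)\))?, "
    r"(?P<count>\d+) packets?"
)

def parse_acl_hits(text):
    """Return one dict per matching ACL log line; other lines are skipped."""
    hits = []
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if m:
            hit = m.groupdict()
            hit["count"] = int(hit["count"])
            hits.append(hit)
    return hits

def denied_by_source(hits, acl="NAT_ACL", prefix="192.168.1.0/24"):
    """Sum denied packets per (source, protocol, destination) inside prefix."""
    net = ip_network(prefix)
    totals = Counter()
    for h in hits:
        in_prefix = ip_address(h["src"]) in net
        if h["acl"] == acl and h["action"] == "denied" and in_prefix:
            totals[(h["src"], h["proto"], h["dst"])] += h["count"]
    return totals

if __name__ == "__main__":
    totals = denied_by_source(parse_acl_hits(SAMPLE_LOG))
    for (src, proto, dst), n in totals.most_common():
        print(f"{src:15} {proto:5} -> {dst:15} {n} packets")
```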
