Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
458
Views
0
Helpful
1
Replies

sh ip nat translations

Peter Valdes
Level 3
Level 3

‎06-17-2007 09:41 PM - edited ‎03-09-2019 06:12 PM

Hi,

When I action show ip nat translations on our gateway router, it comes up with an Inside Local IP Address that does NOT belong to out local network. See attached.

192.168.1.0/24 does not belong to any of our user, not in routing table as static route (we don't use dynamic protocol) nor this is a configure interface on the router.

Is there a way I can trace which VLAN this IP is coming from because before this network 192.168.1.0/24 was flooding out NAT pool and I had to configure the following under the NAT Pool ACL:

deny ip 192.168.1.0 0.0.0.255 any any log

Show log:

Jun 18 2007 14:41:46.081 EST: %SEC-6-IPACCESSLOGP: list NAT_ACL denied udp 192.168.1.130(0) -> 10.0.1.1(0), 15 packets

and

Jun 18 2007 14:51:29.101 EST: %SEC-6-IPACCESSLOGDP: list NAT_ACL denied icmp 192.168.1.111 -> 71.8.70.164 (0/0), 3 packets

Could this be a DOS attack?

We are currently experiencing Internet outage to some users which cannot use HTTP, mail and terminal service.

Thanks

Labels:
Preview file
2 KB
0 Helpful
1 Reply 1

anandramapathy
Level 3
Level 3

‎06-18-2007 03:43 AM

Is there any subnets inside who are conencted to a different network over VPN

with the IP 192.168.1.X etc & access th internet.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents