NAT alias for SNMP and ICMP not just ARP

Unanswered Question
Apr 15th, 2009

I have a simple static NAT config where I've utilised unused IP addresses on the LAN (inside interface) in my NAT translation. The router aliases these addresses by responding to ARP requests on the local LAN. The issue I'm having though is that is also processes and responds to SNMP and ping packets. I was expecting this traffic to be simply translated by the static NAT. Why does this happen?

See config below:

- When I ping 192.168.1.11, the router replies

- When I SNMP WALK 192.168.1.11, I walk this router

interface FastEthernet0/0

ip address 192.168.1.1 255.255.255.0

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet0/1

ip address 192.168.10.253 255.255.255.0

ip nat outside

ip virtual-reassembly

!

ip nat outside source static 192.168.10.11 192.168.1.11

!

end

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Laurent Aubert Wed, 04/15/2009 - 09:57

Hi,

I think it's because the packet is not routed to the outside interface.

When packets are received from the inside interface, routing decision applies first and NAT occurs only if the outgoing interface is configured as outside.

In your case, The destination IP address is see as directly connected to the inside interface so its' never routed to the outside interface.

Try using PBR to send these packets to F0/1.

HTH

Laurent.

Actions

This Discussion