Change IP in NAT rule

Unanswered Question
Feb 1st, 2012

I have change my NAT rule on my ASA to a diffrent public IP address, when I try to access the server from the internet it takes about a hour to reply. Can someone tell me why when I change the public IP in my NAT rule it takes that long to start replying.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
darren.g Wed, 02/01/2012 - 20:36

shanemcanuff wrote:

I have change my NAT rule on my ASA to a diffrent public IP address, when I try to access the server from the internet it takes about a hour to reply. Can someone tell me why when I change the public IP in my NAT rule it takes that long to start replying.

How are you accessing the server from the Internet?

If you're hitting a hostname, it takes most DNS records an hour to expire if they're cached - so you could be hitting a DNS delay.

When you change your IP address and it takes so long to reply, what happens if you nslookup/dig the hostname from the Internet? Do you get the new or the old IP address back?

If you manage your own DNS, you can drop the expiry periods to 5 minutes or something to minimise the outage time - but you'll still run into some delay in propogation of DNS records.

Cheers

shanemcanuff Wed, 02/01/2012 - 21:27

The public IP I change it to was taken from a server that had it, the DNS is still the same. I just remove the server and use that public IP in the NAT rule. I can't even ping the IP address after the change but I can ping other public NAT IP.

darren.g Thu, 02/02/2012 - 14:42

shanemcanuff wrote:

The public IP I change it to was taken from a server that had it, the DNS is still the same. I just remove the server and use that public IP in the NAT rule. I can't even ping the IP address after the change but I can ping other public NAT IP.

Are you also changing the IP address used in your security rules relating to PING, web access etc etc from outside?

When you changed the IP address int he NAT rule, did you clear the existing translations which point to the old IP address?

Actions

Login or Register to take actions

This Discussion

Posted February 1, 2012 at 5:20 PM
Stats:
Replies:3 Overall Rating:
Views:462 Votes:0
Shares:0
Tags: No tags.
 

Discussions Leaderboard

Rank Username Points
1
Giuseppe Larosa
9,434
2
Paolo Bevilacqua
8,817
3
Richard Burts
8,479
4
Jon Marshall
7,058
5
Peter Paluch
5,486
Rank Username Points
Jon Marshall
192
Peter Paluch
84
Joseph W. Doherty
65
Leo Laohoo
45
Vasilii Mikhail...
40