Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
340
Views
0
Helpful
1
Replies

unwanted translation in NAT table, is it attack?

yayasolenet
Level 1
Level 1

‎06-29-2009 08:09 PM - edited ‎03-11-2019 08:49 AM

Hi,

I have a cisco 1811. 2 pppoe connections to the internet.I have denied all the private IP in the acl and applied them to dialer1.

I've been mad by where these nat translation come from? (please see the attachment which has better format). 192.168.99.xx is actually local pool for vpn users. And these IP showed in the nat translation table are not leased out.

But sometimes, not only from 192.168.99.xx, but also 192.168.80.xx,whatever?

Where do these come from?

Thanks in advance.

Lydia

Labels:
Preview file
1 KB
0 Helpful
1 Reply 1

smalkeric
Level 6
Level 6

‎07-05-2009 07:54 AM

It may be an attackers IP address. The Rate Limiting NAT Translation feature provides the ability to limit the maximum number of concurrent network address translation (NAT) operations on a router. In addition to giving users more control over how NAT addresses are used, the Rate Limiting NAT Translation feature can be used to limit the effects of viruses, worms, and denial-of-service attacks.

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gt_natrl.html#wp1027129

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card