Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

unwanted translation in NAT table, is it attack?

Hi,

I have a cisco 1811. 2 pppoe connections to the internet.I have denied all the private IP in the acl and applied them to dialer1.

I've been mad by where these nat translation come from? (please see the attachment which has better format). 192.168.99.xx is actually local pool for vpn users. And these IP showed in the nat translation table are not leased out.

But sometimes, not only from 192.168.99.xx, but also 192.168.80.xx,whatever?

Where do these come from?

Thanks in advance.

Lydia

1 REPLY
Silver

Re: unwanted translation in NAT table, is it attack?

It may be an attackers IP address. The Rate Limiting NAT Translation feature provides the ability to limit the maximum number of concurrent network address translation (NAT) operations on a router. In addition to giving users more control over how NAT addresses are used, the Rate Limiting NAT Translation feature can be used to limit the effects of viruses, worms, and denial-of-service attacks.

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gt_natrl.html#wp1027129

144
Views
0
Helpful
1
Replies
CreatePlease to create content