I have a Cisco 1811. 2 PPPoE connections to the internet. I have denied all the private IPs in the ACL and applied them to dialer1.
I've been going mad wondering where these NAT translations come from. (Please see the attachment, which has better formatting.) 192.168.99.xx is actually the local pool for VPN users. And these IPs shown in the NAT translation table are not leased out.
But sometimes, not only from 192.168.99.xx, but also 192.168.80.xx, whatever?
Re: unwanted translation in NAT table, is it attack?
It may be an attacker's IP address. The Rate Limiting NAT Translation feature provides the ability to limit the maximum number of concurrent network address translation (NAT) operations on a router. In addition to giving users more control over how NAT addresses are used, the Rate Limiting NAT Translation feature can be used to limit the effects of viruses, worms, and denial-of-service attacks.
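To triage entries like the ones described in the question, the following added example (not code from the thread or from Cisco) parses `show ip nat translations` output and counts translations whose inside-local address is outside the expected inside networks or sits in the VPN pool without a lease. The inside LAN prefix, the leased-address list and the sample table are constructed assumptions; only the 192.168.99.0/24 pool and the 192.168.80.xx source come from the post.

```python
import ipaddress
from collections import Counter

# Assumptions (not from the thread): the inside LAN prefix below and the list
# of leased VPN addresses passed to triage(). The VPN pool is the one in the post.
INSIDE_NETS = [ipaddress.ip_network("192.168.1.0/24")]
VPN_POOL = ipaddress.ip_network("192.168.99.0/24")

# Constructed sample of `show ip nat translations` output (documentation IPs).
SAMPLE = """\
Pro Inside global      Inside local       Outside local      Outside global
tcp 203.0.113.5:1025   192.168.1.10:1025  198.51.100.7:80    198.51.100.7:80
udp 203.0.113.5:4500   192.168.99.21:4500 198.51.100.9:53    198.51.100.9:53
tcp 203.0.113.5:2011   192.168.99.37:2011 198.51.100.7:445   198.51.100.7:445
tcp 203.0.113.5:2012   192.168.99.37:2012 198.51.100.8:445   198.51.100.8:445
tcp 203.0.113.5:3000   192.168.80.4:3000  198.51.100.7:80    198.51.100.7:80
--- 203.0.113.6        192.168.1.20       ---                ---
"""

def host_of(field):
    """Return the IPv4 address of an 'addr' or 'addr:port' column."""
    return ipaddress.ip_address(field.rsplit(":", 1)[0])

def classify(addr, leased):
    """Label an inside-local address against the expected address plan."""
    if any(addr in net for net in INSIDE_NETS):
        return "expected"
    if addr in VPN_POOL:
        return "expected" if addr in leased else "vpn-pool-not-leased"
    return "unknown-source"

def triage(table_text, leased=()):
    """Count translations per unexpected inside-local address."""
    leased = {ipaddress.ip_address(a) for a in leased}
    hits = Counter()
    for line in table_text.splitlines():
        cols = line.split()
        if len(cols) != 5 or cols[0] == "Pro":
            continue  # header, blank or wrapped line
        addr = host_of(cols[2])
        verdict = classify(addr, leased)
        if verdict != "expected":
            hits[(str(addr), verdict)] += 1
    return dict(hits)

if __name__ == "__main__":
    found = triage(SAMPLE, leased=["192.168.99.21"])
    for (addr, verdict), n in sorted(found.items()):
        print(f"{addr:<16} {verdict:<20} {n} entries")
```

Sources flagged here are the ones to trace back to an ingress interface and to check against the access list that selects traffic for NAT.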
We have configured the outside and inside interfaces with official IPv6 addresses, set a default route on the outside interface to our router, and we have also defined a rule, which also gets hits, to permit tcp from the inside interface to any6.
In Syslog I also se...