Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

natting please help

hi there

when traffic from outside the firewall comes into my dmz gets natted, Am I right in saying that the source address from outside does not change, for some reason when I do a packet capture on the dmz net server, i always see the source as the dmz interface and the destination the server, in which case when the traffic goes back to the destination, how does it know where to go?? I would expect the source to be kept intact, or would it get changed to the firewall interface, how does it know where to send it back to?? would this be in the state table ?

1 REPLY
Hall of Fame Super Silver

Re: natting please help

Hello Carl,

when you do a packet capture in DMZ you should see the source MAC of DMZ interface of firewall.

At layer3 the source ip should still be the original ip address as seen in the outside.

If not it means the FW is configured for a form of double natting or TCP intercept and in that case yes the state table is used to understand how to send back an answer.

Hope to help

Giuseppe

92
Views
0
Helpful
1
Replies
CreatePlease to create content