Cisco Support Community

Routing / Natting Issue

I'm having a routing / natting issue. Here's the setup:

http://img223.imageshack.us/my.php?image=probhk7.jpg

The firewall has already natted the traffic coming from VLAN 70 to be 192.168.2.x.

When I try to nat the natted IP from 192.168.2.x to 192.168.10.x to allow traffic to my server, it does not work. It will only work if I perform a NAT on the 192.168.10.x interface and translate it to 192.168.2.x. The problem with doing this is that it breaks my application on the server. Does anybody have an alternate way of going about this issue? Thanks

Accepted Solutions

Re: Routing / Natting Issue

A few important points to remember while configuring NAT are:

1) The NAT router checks the routing table to see if it has an entry for the destination address. If the destination address is not in the routing table, the packet is dropped. If an entry is available, it verifies whether the packet is traveling from the inside to the outside network and checks if the packet matches the criteria specified for translation. The router then checks the address translation table to find if there is an entry existing for the inside local address with a corresponding inside global address. If an entry is found, it translates the packet by using the inside global address. If static NAT alone is configured and no entry is found, it sends the packet without translation.

2) The NAT router translates the inside global address of the packet to the inside local address and then checks the routing table before it sends it to the destination computer. Whenever an entry is not found for an address in the translation table, it is not translated and proceeds with verifying the routing table for the destination address. The packet is dropped if a route to the destination is not found in the routing table.

3) When a packet is traversing inside to outside, a NAT router checks its routing table for a route to the outside address before it continues to translate the packet. Therefore, it is important that the NAT router has a valid route for the outside network. The route to the destination network must be known through an interface that is defined as NAT outside in the router configuration. It is also important to note that the return packets are translated before they are routed. Therefore, the NAT router must also have a valid route for the inside local address in its routing table.
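
The order of operations described in the answer above, as an added example that is not part of the original thread and is not Cisco code: a small Python model of a static-NAT router. It reuses the thread's 192.168.10.x and 192.168.2.x ranges, but the topology, the host addresses and the `NatRouter` class are assumptions made for illustration.

```python
import ipaddress

class NatRouter:
    """Toy static-NAT router (hypothetical model, not Cisco code)."""

    def __init__(self, routes, static_nat):
        # routes: {prefix: "inside" | "outside"} = NAT side of the egress interface
        # static_nat: {inside_local: inside_global}
        self.routes = {ipaddress.ip_network(p): s for p, s in routes.items()}
        self.to_global = dict(static_nat)
        self.to_local = {g: l for l, g in static_nat.items()}

    def lookup(self, addr):
        """Longest-prefix match; returns the egress NAT side, or None if no route."""
        ip = ipaddress.ip_address(addr)
        hits = [n for n in self.routes if ip in n]
        return self.routes[max(hits, key=lambda n: n.prefixlen)] if hits else None

    def inside_to_outside(self, src, dst):
        side = self.lookup(dst)            # route lookup happens before NAT
        if side is None:
            return ("drop", "no route to destination")
        if side != "outside":              # route not via a NAT outside interface
            return ("forward", src, dst)
        # Static NAT only: a source without an entry is sent untranslated.
        return ("forward", self.to_global.get(src, src), dst)

    def outside_to_inside(self, src, dst):
        local = self.to_local.get(dst, dst)   # translate first ...
        if self.lookup(local) is None:        # ... then route on the inside local
            return ("drop", "no route to inside local address")
        return ("forward", src, local)

def demo():
    nat = {"192.168.10.50": "192.168.2.50"}   # constructed static entry
    full = NatRouter({"192.168.10.0/24": "inside", "192.168.2.0/24": "outside"}, nat)
    no_inside_route = NatRouter({"192.168.2.0/24": "outside"}, nat)
    return [
        full.inside_to_outside("192.168.10.50", "192.168.2.20"),  # translated
        full.inside_to_outside("192.168.10.60", "192.168.2.20"),  # no entry
        full.inside_to_outside("192.168.10.50", "10.9.9.9"),      # no route
        full.outside_to_inside("192.168.2.20", "192.168.2.50"),   # return packet
        no_inside_route.outside_to_inside("192.168.2.20", "192.168.2.50"),
    ]

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The last case is the one that is easy to miss: the translation entry exists, but the return packet is still dropped because the router has no route for the inside local address.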

