A router with IOS FW feature set is installed in my office.For internet access use,I implement NAT for LAN users:assigning a public IP correspondind to a scope of private ip for "overload".But I tracked suspected sessions when I use "Show ip nat translation":an unallocated public IP is being used for the NAT mapping!Meanwhile,the allocated IP is also being used for outside DNS resolution.
I'm confused about it!So I disable all outbound IP trafffic for the unallocated IP by using "Access-list".But the problem is still in persistence.
Could anyone instuct me on what's wrong with my router?Thanks!
Re: Help!Suspected intruder on IOS FW enabled router!
Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you. If you don't get a suitable response to your post, you may wish to review our resources at the online Technical Assistance Center (http://www.cisco.com/tac) or speak with a TAC engineer. You can open a TAC case online at http://www.cisco.com/tac/caseopen
If anyone else in the forum has some advice, please reply to this thread.