Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
580
Views
0
Helpful
1
Replies

NAT iSCSI target on MDS 9500.

admin_2
Level 3
Level 3

‎04-18-2008 11:08 AM

I have an iSCSI target defined on my director switch. This switch is behind my firewall on my private network. I have an iSCSI initiator on the internet that i want to connect to the target. My FW is providing NAT so the initiator is able to connect to the director and query it for targets. The switch responds with the list of targets, however it sends the private IP of the target which of course my initiator cannot communicate with. Is it possible to configure the switch to send a different IP for the target, than what is defined on the interface?

Labels:
0 Helpful
1 Reply 1

fcorno
Level 1
Level 1

‎05-20-2008 12:31 PM

I wonder what version of SANOS are you using, and if you are using iSLB.

Usually the MDS9000 portal, in reporting the iSCSI targets, lists the "TargetName" but it doesn't insert the optional "text key parameter" of the type "TargetAddress". This is different in case you use iSLB.

You could assign a public IP address to the IPS interfaces only: they are probably a small number and maybe you can find enough available public addresses to avoid NAT-ting just these interfaces.

Another option could be using a VPN tunnel, so you could have your iSCSI initiator virtually part of the same network of the targets, use private addressing for all the devices, and avoid NAT-ting. You probably don't want anyway to have your iSCSI traffic in cleartext on the Internet.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents