Strange Static NAT problem on ME6524 running VRF-Lite
I'm having a rather bizarre and highly annoying problem with static NAT on an ME6524.
I've created a virtual router (VRF CORPNET) which has one physical L3 interface, one SVI and one Loopback.
This Virtual router has the sole purpose of NATing our internet-addressable IP addresses to another set of addresses on our Corporate WAN.
There are two NAT rules - a single 1-1 Static NAT, and an overload NAT for everything else, which uses the Loopback address.
The 1-1 Static NAT is used to NAT our VPN ASA, which is used to establish a Site-Site VPN to one of our counterparts on the Corporate WAN.
This works fine most of the time, however once or twice a day, the NAT just stops working, our Site-site VPN drops, and traffic is being seen on our counterpart's firewall with source address un-NATed (They see 126.96.36.199, when they should see 188.8.131.52).
When we go onto the 6524 and do a show ip nat translations we get the following (184.108.40.206 is our VPN ASA - 220.127.116.11 is just user traffic):
ZR-BDG1-6524#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...