NAT question

From: alee@cccis.com
Date: Fri Mar 14 2003 - 12:06:13 GMT-3


We are using a NAT pool, NATing our internal network to 198.204.15.125 on the
ISP router to the internet. I am seeing lots of inbound traffic from the
internet to 198.204.15.125 on the firewall. As far as I understand
NAT, when internet traffic hits the ISP router, shouldn't the destination
IP be translated from 198.204.15.125 to our internal IP addresses?
Why is the firewall seeing the 198.204.15.125 IP address as the destination in
the firewall log? I also tried to use an access-list to block the inbound
destination IP 198.204.15.125 on both ISP routers, without luck. Of
course, our firewall drops those packets, but it causes quite a lot of
overhead on the firewall. If anyone knows why it happens, and how to block
it, I would appreciate it. Thanks.

ISP router(HSRP) ------ firewall ----- internal network

Arthur Lee
Senior Network Engineer


