Re: NAT Rotary

From: Sadiq Yakasai <sadiqtanko_at_gmail.com>
Date: Wed, 19 Jan 2011 20:57:42 +0000

Hi Marcin,

I have 2 issues I would like to point out as possible culprits here:

1. My understanding is that this NAT feature is actually designed to work
for TCP traffic only. The documentation below [1] also says that. Although I
must say, I have seen a blog on which a dude states he's tried it out on UDP
and found it to be working just fine!

2. TFTP traffic: As you know, TFTP signals on UDP:69 and then switches over
to these high-numbered UDP port numbers, which are somewhat random in
nature. Now, I am not sure all the subsequent UDP traffic for the actual
file data transfer will be hitting your NAT policy there! Try modifying the
access list to match on the range of UDP port numbers that TFTP uses.

[1]
http://www.cisco.com/en/US/docs/ios/ipaddr/configuration/guide/iadnat_addr_consv_ps6441_TSD_Products_Configuration_Guide_Chapter.html#wp1048769

On Wed, Jan 19, 2011 at 7:06 PM, Marcin Zgola <MZgola_at_netrixllc.com> wrote:

> Problem Here is my setup
>
> ip nat pool PDSN 192.168.1.10 192.168.1.11 prefix-length 24 type rotary
> ip nat inside destination list TELNET pool PDSN
> !
> ip access-list extended TELNET
> permit tcp any host 10.16.100.1 eq 23
> permit udp any host 10.16.100.1 eq tftp
>
> This works great for telnet session, but it does not work for UDP.
>
> Here is my setup
>
> R1---R2---R3 (192.168.1.10)
> ---R4 (192.168.1.11)
>
> I need R1 to initiate a session to 10.16.100.1 and R2 to nat this session
> to either 192.168.1.10 or 192.168.1.11. It works great for TCP but not for
> UDP.
>
> Marcin Zgola
> Internetwork Lead
> CCIE #18676
> Netrix, LLC
> http://www.netrixllc.com
> Ph. 847.283.7400
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

-- 
CCIEx2 (R&S|Sec) #19963
Blogs and organic groups at http://www.ccie.net
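Added illustration, not part of the original thread or of either poster's configuration: a small Python model of the quoted extended ACL evaluated against a constructed TFTP read. It shows the port switch Sadiq describes, where only the initial request is addressed to UDP/69 and the client's later ACKs go to the server's transfer port (the transfer identifier, or TID, in RFC 1350 terms), so an `eq tftp` entry matches just the first client-to-server packet. The client address 10.0.0.1, both TIDs, and the 1024-65535 range used for the broadened entry are assumptions for the example.

```python
"""
Constructed example: why 'permit udp any host 10.16.100.1 eq tftp' sees only
the first packet of a TFTP transfer, and what a port-range entry changes.
All packets below are made up for this illustration, not captured traffic.
"""
from dataclasses import dataclass

TFTP_PORT = 69


@dataclass(frozen=True)
class Packet:
    proto: str      # "tcp" or "udp"
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    note: str       # label describing the packet's role in the exchange


@dataclass(frozen=True)
class AclEntry:
    """One 'permit <proto> any host <dst_ip> <port spec>' line of an extended ACL."""
    proto: str
    dst_ip: str
    dst_port_lo: int
    dst_port_hi: int

    def matches(self, pkt: Packet) -> bool:
        return (pkt.proto == self.proto
                and pkt.dst_ip == self.dst_ip
                and self.dst_port_lo <= pkt.dst_port <= self.dst_port_hi)


def acl_permits(acl, pkt: Packet) -> bool:
    """First-match semantics collapse to 'any entry matches' for a permit-only ACL."""
    return any(entry.matches(pkt) for entry in acl)


# The two lines of the quoted 'ip access-list extended TELNET'
ACL_ORIGINAL = [
    AclEntry("tcp", "10.16.100.1", 23, 23),                # permit tcp any host 10.16.100.1 eq 23
    AclEntry("udp", "10.16.100.1", TFTP_PORT, TFTP_PORT),  # permit udp any host 10.16.100.1 eq tftp
]

# Broadened variant: also match the ephemeral range the server TID lands in.
# 1024-65535 is an assumption for this example, not a value from the thread.
ACL_WITH_RANGE = ACL_ORIGINAL + [AclEntry("udp", "10.16.100.1", 1024, 65535)]


def tftp_exchange(client="10.0.0.1", server="10.16.100.1",
                  client_tid=50123, server_tid=49152):
    """Constructed TFTP read: RRQ to port 69, then DATA/ACK on the two TIDs (RFC 1350)."""
    return [
        Packet("udp", client, client_tid, server, TFTP_PORT, "RRQ -> 69"),
        Packet("udp", server, server_tid, client, client_tid, "DATA #1 from server TID"),
        Packet("udp", client, client_tid, server, server_tid, "ACK #1 -> server TID"),
        Packet("udp", server, server_tid, client, client_tid, "DATA #2 from server TID"),
        Packet("udp", client, client_tid, server, server_tid, "ACK #2 -> server TID"),
    ]


def client_to_server_hits(acl, packets, server="10.16.100.1"):
    """Return (matched, total) for the client->server packets, the direction the ACL is written for."""
    to_server = [p for p in packets if p.dst_ip == server]
    matched = [p for p in to_server if acl_permits(acl, p)]
    return len(matched), len(to_server)


if __name__ == "__main__":
    pkts = tftp_exchange()
    for name, acl in (("original ACL", ACL_ORIGINAL), ("ACL with UDP range", ACL_WITH_RANGE)):
        hits, total = client_to_server_hits(acl, pkts)
        print(f"{name}: {hits}/{total} client->server packets match")
        for p in pkts:
            if p.dst_ip == "10.16.100.1":
                print(f"  {'permit' if acl_permits(acl, p) else 'no match':8} {p.note} (dst port {p.dst_port})")
```

With the original two entries, only the RRQ is permitted (1 of 3 client-to-server packets); adding the range entry permits the ACKs as well. A range entry is necessarily wider than `eq 69`, so it is worth keeping it scoped to the single host address, as the quoted ACL already does, rather than opening the range toward `any` destination.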
Received on Wed Jan 19 2011 - 20:57:42 ART

This archive was generated by hypermail 2.2.0 : Tue Feb 01 2011 - 07:39:17 ART