Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Destination NAT issue or routing change

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Destination NAT issue or routing change

L3 Networker

Hi All,

 

I have had a destination nat running for months without issue.

 

NAT: Source VPN Interface to Inside Interface: Destination Address: 192.168.90.231 Destination Translation: 10.0.8.82

 

Rule: Source VPN to Inside : Source IP to 192.168.90.231

 

It has been working for months without issue.

 

Suddenly last night, the traffic to 192.168.90.231 starts routing to the outside interface and NAT stops working as traffic isn't heading that way. No changes were made on the system, it's not in the BGP routing table. As there is no rule for this it hits default deny. I have checked that the destination real address is routable and it is.

 

This is the only path that is failing. Any idea's?

 

Regards

 

Adrian

1 accepted solution

Accepted Solutions

That range was only ever used as an IP range for receiving traffic on the firewall to translate to a real IP on the network. Not sure why it occurred, we think it must have existed somewhere on the internal network and we were lucky before that it worked.

 

I added a static NAT and that resolved the issue.

 

Regards

 

Adrian

View solution in original post

2 REPLIES 2

L6 Presenter

@a.jones,

 

I think, there are some changes happened w.r.t. routing for IP 192.168.90.231 and due which traffic is routed outside interface. You can also verify your device FIB to see active routes. Also verify same using test commands through cli.

 

Mayur

M

Check out my YouTube channel - https://www.youtube.com/@NetworkTalks

That range was only ever used as an IP range for receiving traffic on the firewall to translate to a real IP on the network. Not sure why it occurred, we think it must have existed somewhere on the internal network and we were lucky before that it worked.

 

I added a static NAT and that resolved the issue.

 

Regards

 

Adrian

  • 1 accepted solution
  • 2499 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!