NAT BASIC

Forum|Forum|7 years ago
March 27, 2019
1 reply
3329 views

Hi , I have the following Nat enabled policy Incoming interface is 10.1.1.1/24 Outgoing interface ip 4.4.4.4/24 And route to destination 8.8.8.8 via gateway 10.1.1.1 If I ping 8.8.8.8 from source 10.2.2.2/24 . What will be the source ip? What if I ping 10.1.1.1 , the host 8.8.8.8 will reply? Thanks

Best answer by Toshi_Esumi

NAT works only for through traffic that would match the policy. Pining the interface coming from the same interface wouldn't hit the policy. It's called "local-in" traffic. The source wouldn't change in the reply packets.

Toshi_Esumi

SuperUser

If your default route (unless you have more specific route for 8.8.8.8) is pointing toward the outgoing interface, it would be SNATed with 4.4.4.4. That's what 8.8.8.8 side sees in the ping packet source IP, then where it would reply to.

If you run sniffer like "diag sniffer packet any 'host 8.8.8.8' 4", you would see those address changes at the NAT.

simsAuthor

Explorer II

Hi,

What if i ping the incoming interface , there will be any translation

Thanks

Toshi_EsumiAnswer

SuperUser

NAT works only for through traffic that would match the policy. Pining the interface coming from the same interface wouldn't hit the policy. It's called "local-in" traffic. The source wouldn't change in the reply packets.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded