To have a better experience, please upgrade your IE browser.upgrade
Questo sito utilizza cookie di profilazione (propri e di terze parti) per ottimizzare la tua esperienza online e per inviarti pubblicità in linea con le tue preferenze. Continuando a utilizzare questo sito senza modificare le tue preferenze acconsenti all’uso dei cookie. Se vuoi saperne di più o negare il consenso a tutti o ad alcuni cookie clicca qui>
The website that you are visiting also provides Arabian language. Do you wish to switch language version?
يوفر موقع الويب الذي تزوره المحتوى باللغة العربية أيضًا. هل ترغب في تبديل إصدار اللغة؟
The website that you are visiting also provides Russia language Do you wish to switch language version?
Данный сайт есть в английской версии. Желаете ли Вы перейти на английскую версию?
a local internet server (server1) under nat server rule can be accessed by remote user (PC2) on the public ip 188.8.131.52 but cannot be accessed by internal network (PC1) using public address 184.108.40.206
no reply to the ping from PC1 to 220.127.116.11
B)As the internal user access the server using public IP, the source address used by the packet received by the server is that of the internal network. The ping will come back with destination the internal network address and PC1 will not recognize the reply packet. The packet will not pass in the firewall and pass directly from AR2 to PC1.For these reason PC1 cannot communicate with the internal server using public ip 18.104.22.168.
C)Creating a nat pool and applying a nat source policy to the internal user, the server will reply with an external IP address as source, sending the packet to the firewall, the firewall will send back the reply to the internal that will receive a correct reply. PC1 can communicate with the internal server using public ip 22.214.171.124.
create a source nat from the internal user to the internal server.
nat address-group nat_internal 0
mode no-pat local
section 0 126.96.36.199 188.8.131.52
rule name NAT_from_internal
source-address 192.168.3.0 24
destination-address 192.168.2.0 24
action nat address-group nat_internal
remember to warrant that there is a route to the firewall for the reply packet to the public ip:
[AR2] ip route-static 184.108.40.206 255.255.255.0 192.168.0.2