No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

AR Router Troubleshooting Guide

This Product Documentation provides guidance for maintaining AR Enterprise Router, covering common information collection and fault diagnostic commands, typical fault troubleshooting guide, and troubleshooting.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
External Hosts Fail to Access Internal Servers

External Hosts Fail to Access Internal Servers

Common Causes

This fault is commonly caused by one of the following:

  • Application layer services on the internal NAT server are disabled.
  • The NAT server is configured on an incorrect interface, such as an outbound interface. (The NAT server should be configured on an inbound interface through which external hosts connect to the internal network.)
  • NAT server configurations are incorrect. For example, the public and private IP addresses of internal servers are incorrect, and private ports configured for the NAT server are different from ports enabled on internal servers.

Troubleshooting Flowchart

Figure 18-4 shows the troubleshooting flowchart.
Figure 18-4  Troubleshooting flowchart for a NAT server failure

Troubleshooting Procedure

NOTE:

Saving the results of each troubleshooting step is recommended. If troubleshooting fails to correct the fault, you will have a record of your actions to provide technical support personnel.

Procedure

  1. Check whether services on the internal NAT server are running properly.

    Access the internal NAT server from an internal host to check whether services such as HTTP and FTP are running properly on the internal NAT server.

    • If services are not enabled, enable the services.
    • If services on the internal NAT server are running properly but the fault persists, go to step 2.

  2. Check that the NAT server is configured correctly.

    Run the display nat server command on the device to check that the NAT server is configured on the correct outbound interface and the correct protocol type, port number, and IP address are configured.

    Ensure that the mapped internal addresses and port numbers are correct. FTP and TFTP use several ports (some of them are randomly generated) to transmit data packets. To configure the NAT server to provide FTP and TFTP, cancel limitation on ports so that the internal server can provide services.

    • If the NAT server is configured incorrectly, reconfigure the NAT server.
    • If the NAT server is configured correctly but the fault persists, go to step 3.

  3. Check that NAT ALG is enabled .

    Run the display nat alg command on the device to check whether NAT ALG is enabled .

    • If NAT ALG is disabled, run the nat alg enable command to enable it.
    • If NAT ALG is enabled but the fault persists, go to step 4.

  4. Check the connectivity between the external host and NAT server.

    Check that the IP address of the outbound interface on the NAT server is correct and the external IP address of the NAT server is correct. The IP addresses cannot conflict with the addresses on other network segments. Ping the external interface of the NAT server from an external host. Ensure that the external host can ping the NAT server successfully.

    • If the external host cannot connect to the NAT server, check the connection.
    • If the external host can connect to the NAT server but the fault persists, go to step 5.

  5. Check that the internal NAT server is configured with the correct gateway address or route.

    The internal NAT server should be configured with the correct route or gateway address so that packets destined for the external host can be sent to the gateway.

    • If the gateway address or route configured on the internal NAT server is incorrect, reconfigure it.
    • If the gateway address or route configured on the internal NAT server is correct but the fault persists, go to step 6.

  6. Collect the following information and contact technical support personnel:
    • Results of the preceding troubleshooting procedure

    • Configuration files, log files, and alarm files of the device

Translation
Download
Updated: 2019-05-10

Document ID: EDOC1000079719

Views: 446725

Downloads: 4301

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next