Tons of NAT translations??

mzinzmzinz Member Posts: 328
One of my production routers has an interface connected straight to our internet provider. This is (should be) only used for inbound VPN connections.

All internet traffic is routed out a local interface through our firewall.

NAT is currently enabled, but nothing should really ever be NAT'd, since no traffic goes straight out the internet interface... I thought.

I checked my nat translations today, and there are hundreds, if not thousands, from a single internal address to a single external address.

Oddly enough, the external address has a private IP (192.168.X.X)... The internal address isn't on any subnet I have seen on my network, ever. I'm baffled.

I started doing NetFlow so I could monitor the traffic on the interface, and I can't seem to find EITHER of these IP's. What am I missing here???

Any suggestions would be greatly appreciated.
_______LAB________
2x 2950
2x 3550
2x 2650XM
2x 3640
1x 2801

Comments

  • notgoing2failnotgoing2fail Member Posts: 1,138
    Wow, sounds interesting, keep us posted. Of course, someone more experienced is going to ask you to provide your config....

  • chmorinchmorin Member Posts: 1,446 ■■■■■□□□□□
    If this isn't a production network, disable NAT and see what happens.
    Currently Pursuing
    WGU (BS in IT Network Administration) - 52%| CCIE:Voice Written - 0% (0/200 Hours)
    mikej412 wrote:
    Cisco Networking isn't just a job, it's a Lifestyle.
  • Agent6376Agent6376 Member Posts: 201
    mzinz wrote: »
    One of my production routers

    I couldn't resist.
  • tim100tim100 Member Posts: 162
    Post your NAT configuration and interface configuration as well as a "sh ip nat translations".
  • rwwest7rwwest7 Member Posts: 300
    Could that be the people who are VPN'd in browsing the web?
Sign In or Register to comment.