NAT translation and IP communication happens bidirectional. I think, tcp intercept is not compatible with NAT.
Wit regards Kings On Fri, May 27, 2011 at 10:02 AM, Tyson Scott <[email protected]> wrote: > what is the output of a debug ip nat and debug ip packet when this is > occuring. > > > > Change everything to static routing and disable everything else to minimize > the amount of other traffic being seen. > > > > Regards, > > > > Tyson Scott - CCIE #13513 R&S, Security, and SP > Managing Partner / Sr. Instructor - IPexpert, Inc. > Mailto: [email protected] > Telephone: +1.810.326.1444, ext. 208 > Live Assistance, Please visit: www.ipexpert.com/chat > eFax: +1.810.454.0130 > > > > IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, > Audio Tools, Online Hardware Rental and Classroom Training for the Cisco > CCIE (R&S, Voice, Security & Service Provider) certification(s) with > training locations throughout the United States, Europe, South Asia and > Australia. Be sure to visit our online communities at > www.ipexpert.com/communities and our public website at www.ipexpert.com > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Kingsley Charles > *Sent:* Wednesday, May 18, 2011 8:18 AM > *To:* [email protected] > *Subject:* [OSL | CCIE_Security] ip tcp intercept with NAT doesn't work > > > > Hi all > > R2 is doing NAT and translating R1's IP address. R3 can see only R1's post > NAT address. > > > R1 ---------------- R2 ----------------- R3 > > > Now either, if I try to telnet from R3 to R1 (NATTed address) or R1 to R3, > telnet fails. > > It seems R2 doesn't get the ACK reply back to the SYN/ACK sent by it after > intercepting. It keeps retransmitting till the timeout. > > > The same works with watch mode > > > Does this mean, ip tcp intercept in intercept mode will not work with NAT? > > > > > > > With regards > Kings >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
