DNAT Rule Block OSPF connection
Posted: 24 May 2016 00:44
Hi All,
I tried DNAT in my LAB, I use ip filter for trigger the destination NAT by aplly in ingress port. The problem is when I apply rule in my interface the OSPF adjacency will be blocked. Here is my configuration at NAT and the IP filter
I tried DNAT in my LAB, I use ip filter for trigger the destination NAT by aplly in ingress port. The problem is when I apply rule in my interface the OSPF adjacency will be blocked. Here is my configuration at NAT and the IP filter
nat-classifier "DNAT" create
default-dnat-ip-address 5.5.5.5
entry 1 create
action dnat ip-address 5.5.5.5
match protocol tcp
dst-port-range start 22 end 24
exit
exit
exit
nat-policy "DNAT" create
alg
no ftp
exit
dnat
dnat-only router "Base" nat-group 2
nat-classifier "DNAT"
exit
exit
nat-prefix-list "DNAT-Prefix" application dnat-only-subscribers create
prefix 222.222.222.222/32
exit
filter-name "DNAT"
default-action forward
entry 10 create
match protocol tcp
dst-ip 123.123.123.123/32
dst-port eq 22
exit
action
nat nat-policy "DNAT"
exit
exit