• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 337
  • Last Modified:

Using Dynamic NAT with 1-to-1 NAT

Is there normally a problem running dynamic nat with 1-to-1 NAt?

Scenario: all users can access the internet, some computers use dynamic NAt others use 1-to-1 nat,
internet pages constantly need to be reloaded in order to see webpages when more than one user is in the office.

One-to-One Nat setup - each private IP has a public IP

Dynamic NAT setup - one private IP for each pc

All computers are on the same network range 192.168.1.x
0
wirelessadmin
Asked:
wirelessadmin
2 Solutions
 
jjoseph_xCommented:
Normally that shouldn't be a problem.  Most organizations have a PAT (which is the actual term for that you call Dynamtic NAT) and a NAT setup (usually the PAT is for the users as you're unlikely to have some 50 or more publics IPs with the NAT for certain servers).

I have a setup similar to yours (I've got a NAT address and everyone else uses PAT/Dynmatic Nat) and we don't have the problems that you're experiencing.

What kind of firewall are you using?  Also are you using a proxy server for your web browser?
0
 
wirelessadminAuthor Commented:
firebox firewall
0
 
jjoseph_xCommented:
Unfortunately I am not-at-all familiar with the Firebox firewall.

However, what you describe seems like a problem with the translation table.  Does this problem only occure for the people with Dynamic Nat, or does it only happen to the people with the 1-to-1 NAT, or does it happen to both of them?
0
What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

 
wirelessadminAuthor Commented:
both
0
 
jjoseph_xCommented:
But if you, for instance, get rid of the 1-to-1 NAT does the problem go away?  If this was related to the translation table, the 1-to-1 NAT shouldn't really be affected...  so it might be something else.

Or this problem might not be related to the NAt at all.
0
 
IPKON_NetworksCommented:
This actually sounds like it might be a caching issue. Do you use a proxy/ISA server?

Sorry to join in the conversation btw.

Barny
0
 
lrmooreCommented:
Is there any overlap between the dynamic address pool and any of the static nat entries?
How many public IP addresses do you have?
0
 
wirelessadminAuthor Commented:
there is no overlapping
0
 
jjoseph_xCommented:
So what ended-up being the problem?
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now