We help IT Professionals succeed at work.

Cannot access internal IPs with NAT assignments

308 Views
Last Modified: 2010-04-09
We have several servers and clients behind a PIX 501 firewall / router. Each server is assigned an outside IP address using NAT, and each server has two internal addresses. One internal IP does not have a NAT address (incoming and outgoing translation), the other does. So:

Server 1 has:
Internal IP: 192.168.1.116
Internal IP: 192.168.1.117

The .116 address is assigned a NAT, let's call it 1.2.3.4. The .117 address is not assigned a NAT, it simply uses the PAT address to go out to the internet just like any other client on the network. Here's the odd part. Internal clients (also with 192.168.1.xxx addresses) can access the .117 address without a problem. The .116 address that has the NAT, however, does not seem to be accessible.

When I attempt to ping the .116 address from an internal cient, I get one reply. The rest of the ping requests time out. Any idea why I would be unable to access an internal IP that has a NAT assigned to it?

Thanks for your time.

Best Regards,
Martin Schultz
Comment
Watch Question

"Batchelor", Developer and EE Topic Advisor
CERTIFIED EXPERT
Top Expert 2015
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
Qlemo"Batchelor", Developer and EE Topic Advisor
CERTIFIED EXPERT
Top Expert 2015

Commented:
BTW, you can test my theory by calling arp -a after ping. Make sure to ping Cisco device, too, so you can compare both MAC addresses.

Author

Commented:
Qlemo,

You were 100% right. I switched the ARP Proxy off for the internal interface and everything is working. Thanks for your time!

-Martin
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.