Solved

NAT Question

Posted on 2008-10-09
Last Modified: 2012-05-05
Experts,
I have taken over on a network where no documentation was left behind. I am trying to see what the NAT address of each of the six servers is, for documenting. If I go to "Whatsmyip.com" on each server, it always comes back with the WAN external IP address. The firewall is a Sonicwall TZ190 with enhanced OS. I looked inside to see if the NAT rules were created in there... I can see all the external IPs for the domain, but all the old server names are still in there. They have since replaced all the servers since the Sonicwall was set up.
Are there any commands that I can run that will show me what the NAT address of each server is so I can match the NAT address to the internal server address? IE: 66.64.123.456 = 192.168.10.10
Thanks!!!!
Question by:Paul_S01
 
LVL 10

Expert Comment

by:Kieran_Burns
ID: 22679796
If they are all coming back with the same IP then the previous incumbent set up a HIDING NAT, not a static one.
This means that all the internal addresses hide behind the single external IP of the firewall.
0
 
LVL 4

Expert Comment

by:TNL_Engr
ID: 22679924
Based on your testing it appears that from the server side going out the servers are translating on the firewall outside address just like any other workstation.  It is possible that when the servers were changed, the new systems were not given 1 to 1 NATs, and are simply translating on the outside address.  

Look at it from the other direction.  What servers are accessible from the outside, and how are they accessed?  Do you have an email server or a web server hosted on the inside?  It is possible for these systems to be using NAT on the outside firewall interface, while port address translation is forwarding requests different directions based on incoming port (ie. 25, 80).

Try looking at your external domain DNS records.  Where do the various records (www, mail) point to?  This may help to determine which external addresses, if any, are still in use.
0
 

Author Comment

by:Paul_S01
ID: 22680986
Thanks TNL_Engr
There is one external IP that is used for the terminal server that can be reached via RDP. I don't believe that there is 1 to 1 going on but the firewall is a Sonicwall TZ190 w enhanced OS......far different than a PIX! The access tables are not well defined as to what the access rules are, and from what I am seeing the external IPs listed in the access tables have the old server names in them. The terminal server is the only address that can be accessed from the outside, which is a different address from the WAN address. No email or web servers.
0
 
LVL 4

Accepted Solution

by:
TNL_Engr earned 250 total points
ID: 22681512
You are right about SonicWall being different.  I like Cisco better (especially the ASA line), but the TZ190 is a great firewall too, and is pretty easy to configure once you get used to it.  

I expect your TZ190 was originally set up without a lot of organization.  As the network evolved, it was probably minimally programmed just to keep it working.  Now it's a mess to figure out.  Here are some things that are different about NAT on the TZ190 FW that might help you in figuring it out.  (The Administrator's Guide will be very helpful.)  Here's the link.
  http://www.sonicwall.com/downloads/SonicOS_Enhanced_4.0_TZ_180_190_Administrators_Guide.pdf

"With the new NAT engine, it's necessary to write two policies - one to allow incoming requests to the destination public IP address to reach the destination private IP address (uninitiated inbound), and one to allow the source private IP address to be remapped to the source public IP address (initiated outbound)."  The original administrator did not program the mapping the same both ways, so the NAT lookup returns the outbound interface when looking from the server.

"You can change the view your route policies in the NAT Policies table by selecting one of the view settings in the View Style menu. All Policies displays all the routing policies including Custom Policies and Default Policies. Initially, only the Default Policies are displayed in the Route Policies table when you select All Policies from the View Style menu."
0
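
Added example, not part of the original thread and not SonicWall tooling: a small audit that pairs the inbound and outbound NAT policies described in the accepted answer, so each internal server can be documented against its public address and one-way mappings stand out. The CSV layout, column names and all addresses are assumptions; the rows are constructed and would in practice be copied by hand from the NAT Policies table.

```python
import csv
import io

# Constructed sample: NAT policies hand-copied from the firewall's NAT Policies
# table into CSV. Column names and every address here are assumptions.
SAMPLE_POLICIES = """\
orig_src,trans_src,orig_dst,trans_dst,comment
Any,Original,203.0.113.12,192.168.10.10,inbound RDP to terminal server
Any,Original,203.0.113.14,192.168.10.20,inbound to app server
192.168.10.20,203.0.113.14,Any,Original,outbound for app server
Any,203.0.113.10,Any,Original,default outbound on the WAN IP
"""

def audit_nat(policy_csv, servers):
    """Return {server_ip: report} pairing inbound and outbound translations."""
    inbound = {}        # private IP -> public IP forwarded to it
    outbound = {}       # private IP -> public IP it is remapped to when initiating
    default_out = None  # many-to-one translation used when no specific policy exists
    for row in csv.DictReader(io.StringIO(policy_csv)):
        if row["trans_dst"] != "Original":      # destination rewritten: inbound policy
            inbound[row["trans_dst"]] = row["orig_dst"]
        elif row["trans_src"] != "Original":    # source rewritten: outbound policy
            if row["orig_src"] == "Any":
                default_out = row["trans_src"]
            else:
                outbound[row["orig_src"]] = row["trans_src"]
    report = {}
    for ip in servers:
        pub_in = inbound.get(ip)
        pub_out = outbound.get(ip, default_out)
        report[ip] = {
            "inbound_public": pub_in,
            "outbound_public": pub_out,
            # A one-to-one NAT is only complete when both directions agree.
            "symmetric": pub_in is not None and pub_in == pub_out,
        }
    return report

if __name__ == "__main__":
    hosts = ["192.168.10.10", "192.168.10.20", "192.168.10.30"]
    for ip, result in audit_nat(SAMPLE_POLICIES, hosts).items():
        print(ip, result)
```

A server that reports the WAN address on an outbound lookup but still has an inbound public address shows up here with `symmetric` set to false, which is the situation described in the question.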


Question has a verified solution.
