1:many nat on Meraki SD WAN

RM89
Conversationalist

1:many nat on Meraki SD WAN

Hi,

I have several Public IPs of the same subnet and I configured 1: many NAT in meraki. From the outside I can only reach the primary IP that is configured from the Internet interface, all other IPs added in 1:many NAT are unreachable.

I ask for your help.         

4 Replies 4
TheHelper
Meraki Employee
Meraki Employee

Hello RM89, 1:Many NAT will be used when you have 1 public IP and it is NATed to several LAN IPs. In this case, you have several Public IPs, I assume they are from your MX's WAN subnet itself. You will need to use 1:1 NAT. 

Doc: https://documentation.meraki.com/MX/NAT_and_Port_Forwarding/Configuring_1%3A1_NAT

Make sure those Public IPs are active from your ISPs end and ISP gateway receives ARP responses from those IPs.

alemabrahao
Kind of a big deal
Kind of a big deal

He can also use 1:Many NAT,

 

With 1:many NAT, you can redirect traffic on a public port to any private IP address and port using port translation, and you aren’t restricted to using the MX’s public WAN interface (you can configure as many public IP addresses as your organization owns). This allows significantly greater flexibility for organizations who have one, two, or a handful of public IP addresses and that want to publicly host several services from different private servers, listening on unique internal ports.

Configuring 1:many NAT: map a single public IP listening on several ports to multiple internal servers.

 

alemabrahao_0-1666106611731.png

 

 

I don't remember if you are able to ping It, but If you test a TCP port via telnet It should work.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
PhilipDAth
Kind of a big deal
Kind of a big deal

One thing I have seen catch people out a lot - Windows Firewall blocking remote connections (but allowing local connections).

 

Try this test for me, disable Windows Firewall for a while, and see if it starts working.

RM89
Conversationalist

hello friends, Thanks everyone for the replies.

I solved the problem by removing some bans on content control.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels