NAT 1:1 only working when connected to VPN

RickBaker
New here

NAT 1:1 only working when connected to VPN

So, I'm trying to setup a NAT 1:1 for an outside entity to access one of our servers in the office without needing a VPN account.    I have everything setup and I can reach it on the public IP/port from outside the office if I'm connected to the VPN, but if I'm disconnected from the VPN I cannot reach it.     Any ideas where to start looking for the issue here?

 

Can provide details of our setup if that will help.

4 Replies 4
Nash
Kind of a big deal

Could you provide some sanitized details of your 1:1 nat config? 

 

If you can only reach this server when you're functionally internal, something's gotta be wrong with that setup.

So we have a /29 from our provider.   Say 200.200.200.0/29.    MX80 is on 200.200.200.2,  NAT 1:1 is mapping public IP 200.200.200.3 to an internal IP on one of our VLANs.

 

Maybe unrelated, but I did just notice that the MX80 Uplink is showing as in conflict so WAN1 is showing as failed.   Looks like it has the same IP address as the switch that is in front of it.   Guess I should try and resolve that first before proceeding forward with the NAT debugging.

Nash
Kind of a big deal

Oh, good catch! I would take a look at that WAN issue and then try again.

PhilipDAth
Kind of a big deal
Kind of a big deal

Yes it sounds like the 1:1 NAT you have allocated might already be in use.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels