NAT 1:1

SOLVED
jlopez_sv81
Here to help

NAT 1:1

I have NAT 1:1 configured on MX100 for an internal server using the secondary link, Inbound traffic work fine but when I make a traceroute from the internal server to the public network the server uses the primary link.

 

Does someone know about that behavior?

1 ACCEPTED SOLUTION
PhilipDAth
Kind of a big deal

Try creating a flow preference.

https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/MX_Load_Balancing_and_Flow_Preferen... 

 

Note that traceroute won't produce accurate results in this case.  Most likely, the actual traffic from inside of your network to the public IP will never leave the MX or use either WAN port.  It will get redirected internally.

View solution in original post

5 REPLIES 5
Dylan_YYC
Getting noticed

That might require a static route to function over the 2nd link

Sound like a route-map not supported by Meraki, but is a straightforward network, a switch with L3 Vlans point default route to MX.

PhilipDAth
Kind of a big deal

Try creating a flow preference.

https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/MX_Load_Balancing_and_Flow_Preferen... 

 

Note that traceroute won't produce accurate results in this case.  Most likely, the actual traffic from inside of your network to the public IP will never leave the MX or use either WAN port.  It will get redirected internally.

cmr
Kind of a big deal
Kind of a big deal

@jlopez_sv81 I always use http://time.org

 

It shows the public IP address you are coming from at the top of the page.

 

It also tells you the time... 😇

Thank you, it is good information.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels