Solved: Re: NAT 1:1

jlopez_sv81

I have NAT 1:1 configured on MX100 for an internal server using the secondary link, Inbound traffic work fine but when I make a traceroute from the internal server to the public network the server uses the primary link.

Does someone know about that behavior?

PhilipDAth

Try creating a flow preference.

https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/MX_Load_Balancing_and_Flow_Preferen...

Note that traceroute won't produce accurate results in this case. Most likely, the actual traffic from inside of your network to the public IP will never leave the MX or use either WAN port. It will get redirected internally.

View solution in original post

Dylan_YYC

That might require a static route to function over the 2nd link

PhilipDAth

Try creating a flow preference.

https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/MX_Load_Balancing_and_Flow_Preferen...

Note that traceroute won't produce accurate results in this case. Most likely, the actual traffic from inside of your network to the public IP will never leave the MX or use either WAN port. It will get redirected internally.

View solution in original post

cmr

@jlopez_sv81 I always use http://time.org

It shows the public IP address you are coming from at the top of the page.

It also tells you the time... 😇

jlopez_sv81

Sound like a route-map not supported by Meraki, but is a straightforward network, a switch with L3 Vlans point default route to MX.

jlopez_sv81

Thank you, it is good information.