Port Forward/Destination NAT not working when general NAT is configured - Port-Forward-Destination-NAT-not-working-when-general-NAT-is-configured/Port-Forward/Destination-NAT-not-working-when-general-NAT-is-configured

Port Forward/Destination NAT not working when general NAT is configured
NetCloud Feature
Security
ft:locale
en-US
ft:sourceName
Salesforce
allViewCount
2990
Document Type
Article

Source NAT to GRE interface IP working but destination NAT/port-forward not working

  • Port Forward / Destination NAT
  • Source NAT to GRE interface IP
  • GRE / DMVPN
  • Topology & data flow example:
image
  • The general NAT rule (which is used to source NAT to the GRE interface IP) also creates a destination NAT rule. This destination NAT rule is processed prior to the more specific DNAT rules:
image
NAT traffic using IPSec (VTI or policy-based):
  • VTI IPSec has an interface source-NAT option
  • Policy IPSec allows the user to specify NAT-to addresses for each Local Network 
  • NAT configuration screenshot:
image