I have a 1-to-1 NAT forwarding my public IPs to my servers' internal IPs (10.1.10.xxx). The internal IPs are on a network running OSPF. The problem is I can’t access the servers using their internal IPs. If I send a ping, it reaches the server, but the return route is forwarded directly to the public IP, which knows nothing about my internal network. I don’t want to run OSPF on the external network. Is there a way to mark these packets (everything on 10.0.0.0/8) so they are not directly forwarded to the correlating public IP by the NAT? Thanks in advance.
Please be more specific. What’s your network/router configuration?
For 1:1 NAT, use action="netmap"
I figured it out. I needed to put a ! 10.0.0.0/8 rule in there so it did not pass requests to this dst network through the NAT. Similar ! rule to stop masquerading. Thanks though.
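The fix described in the last post, written out as an added example that is not taken from the thread. It assumes MikroTik RouterOS (suggested by the action="netmap" syntax above); the public range 203.0.113.0/24, the server range 10.1.10.0/24 and the interface name ether1 are placeholders.

```routeros
# Constructed example: addresses and interface name are placeholders.
/ip firewall nat

# Inbound half of the 1:1 mapping: public range -> internal server range.
add chain=dstnat action=netmap dst-address=203.0.113.0/24 \
    to-addresses=10.1.10.0/24

# Before (shown commented out): every packet sourced from a server is
# rewritten to its public IP, including traffic headed for other internal,
# OSPF-routed networks, so internal peers never see the 10.1.10.x address.
# add chain=srcnat action=netmap src-address=10.1.10.0/24 \
#     to-addresses=203.0.113.0/24

# After: the "!" negates the match, so the rewrite is skipped whenever the
# destination is inside 10.0.0.0/8.
add chain=srcnat action=netmap src-address=10.1.10.0/24 \
    dst-address=!10.0.0.0/8 to-addresses=203.0.113.0/24

# The same exemption on the masquerade rule, so internal-to-internal
# traffic is not hidden behind the router's outside address either.
add chain=srcnat action=masquerade out-interface=ether1 \
    dst-address=!10.0.0.0/8
```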