When I use src-nat to hide all my private network 192.168.x.x/24 behind a range of real IP-adresses, say x.x.x.65 - x.x.x.69, strange things happen - some sites with loging/password (mail, bank-services) frequently loses connection and you must reconnect and loging again.
Any suggestion or help?
Thanks
P.S. Sorry for my bad english :oops:
Try using multiple outgoing addresses only for free servers. It help with ICQ too :)
P.S.: this thing happens because of change of client’s outgoing address (on connection NAT-ed through 1 IP and another connetion throught different IP address)
Yes, I know that, but I look for some elegant way to solve the problem.
ICQ? A?
if you are going to map ranges of different sizes together, it will not work. the ip-address range size have to match.
regards.
matthias
Hmm… But it basically works, the problem occur only in websites with user/pass, and not in all sites, just a few. It’s no sense using src-nat to map, say 254 private adressess to same range real ones.
I would nat all of your client PCs out through one of your public IP addresses using port address translation. Use the other IP addresses for incoming connections only.
Regards
Andrew
i would suggest this too. i.e. masquerading for usual clients, src-/dst-NAT pairs for servers.
regards.
matthias