Page 1 of 1

Hairpin NAT - Problem configuring

Posted: Sat Jul 19, 2014 1:23 pm
by sjoram
Trying to configure Hairpin NAT and I can't make it work.

I need clients on 10.0.0.0/16 (VLAN 10) to be able to access the services as per the dstnat rules.
Other VLANs and external connections can work the dstnat rules fine, it's just clients on the same VLAN/subnet as the server they are accessing.

Image

Re: Hairpin NAT - Problem configuring

Posted: Sun Jul 20, 2014 1:13 pm
by AlexS
If its on the same vlan, you need to do a src nat as well, other wise the dst server replies directly to the original server and thus the packet doesn't get un natted !

Re: Hairpin NAT - Problem configuring

Posted: Sun Jul 20, 2014 5:06 pm
by sjoram
Thanks, I re-read the wiki article yet again and the srcnat stuff finally clicked in my head.
I've configured & working.