144
VPN instance/VLAN ID/VLL ID: -/-/-
Protocol: TCP(6)
State: TCP_ESTABLISHED
Application: HTTP
Start time: 2012-08-15 14:53:29 TTL: 3597s
Interface(in) : GigabitEthernet1/1
Interface(out): GigabitEthernet1/1
Initiator->Responder: 7 packets 308 bytes
Responder->Initiator: 5 packets 312 bytes
Total sessions found: 1
NAT hairpin in P2P mode for access between internal users
Network requirements
In the P2P application, internal clients must register their IP address to the external server and the server
records the registered IP addresses and port numbers of the internal clients. An internal client must
request the IP address and port number of another client from the external server before accessing the
client.
Configure NAT hairpin so that:
•
The internal clients can register the same external address to the external server.
•
The internal clients can access each other through the IP address and port number obtained from
the server.
Figure 59
Network diagram
Configuration considerations
This is a typical application of NAT hairpin in P2P mode.
•
Configure outbound dynamic NAT on the interface that connects the external network so that the
source address of the clients are translated when they register their IP addresses to the external
server.
•
Configure PAT of the Endpoint-Independent Mapping mode. The translation of the clients'
addresses is endpoint-independent because the registered IP address and port number should be
accessible for any source address.
•
Enable NAT hairpin on the interface that connects the internal network so that internal clients can
access each other through the external address.
Summary of Contents for MSR 2600 Series
Page 6: ...We appreciate your comments...
Page 33: ...18 AC vlan1 quit...
Page 118: ...103...