Private network user and server are in the same VLAN. After NAT server is configured on the VLANIF interface, why cannot the user access the server using public address

3

The private network user and server are connected to the same VLANIF interface and the same subcard. After the nat server command is executed in the VLANIF interface view to map the server IP address to a public network address, the response packet sent by the server to the user cannot be sent to the CPU, so the packet address cannot be translated. As a result, the user cannot connect to the server. To solve this problem, run the nat outbound command on the VLANIF interface so that the server's response packet can be sent to the router and the packet address can be translated. The router then forwards the packet to the user. The user can connect to the server.

Other related questions:
A user fails to access a server through a public address when the user on the AR and the server are in the same VLAN and the NAT server is configured on the VLANIF interface
A private user device and server connect to the same VLANIF interface on the same subcard. When the NAT server is configured on the VLANIF interface to map the public network address of the server, the response packets sent by the server to the private user device cannot be sent to the CPU for translation. As a result, the private user device cannot connect to the server. To solve this problem, configure outbound NAT on the VLANIF interface. The response packets sent by the server to the user device pass the AR and the address in the packets is translated. Then the AR forwards the packets to the private user device. The private user device can connect to the server.

Configure NAT server on S series switches to allow public network users to access servers on the private network
S7700, S9700, and S9300 series modular switches use SPUs to support the NAT server function.

An internal user cannot access the internal server through the public address
An intranet user cannot use a public address to access an intranet server. Use the following method: 1. Check whether services on the intranet NAT server are running properly. 2. Check whether the NAT server is configured correctly. 3. Check the connection between the external host and NAT server and the configurations of the connected interfaces. 4. Check that the intranet NAT server is configured with the correct gateway address or route.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top