After going through other posts here, and in internet, i am still not sure about hairpin nat after hours of trying different commands and settings. So I post here for help.
Here is my config.
eth0 = public interface = a.b.c.d
eth2 = 10.250.0.1/24
eth3 = 10.10.0.1/24
eth4 = (will be 172.30.0.1/24) – in future
My current rules
set nat destination rule 100 destination address 'a.b.c.d' set nat destination rule 100 destination port '80,443' set nat destination rule 100 inbound-interface 'eth0' set nat destination rule 100 protocol 'tcp' set nat destination rule 100 translation address '10.250.0.2' set nat source rule 101 outbound-interface 'eth0' set nat source rule 101 source address '10.0.0.0/8' set nat source rule 101 translation address 'masquerade'
(rule for 172. will be added in future)
What I need is that any computers from 10.10. and 10.250 network when they try to reach http(s)://a.b.c.d , it should work and hopefully log internal/real ip address. ( and also from future 172.30.0.0/24 network )
I am unable to figure it out.
Please help by providing the output of “show configuration commands” and not “show configuration”.
I find it very easy to understand show configuration commands as it tells me exactly what I need to type. This will also help others in future seeing the description and the commands to type.