Re: PIX 515e Sh Xlate and inside users

state · ‎02-17-2006

I have a Pix 515e and when I do a show xlate I see the outside "destenation" IP address and the natted address with port numbers. My question is how do I correlated the natted address with port numbers to a inside users IP address?

brenteads · ‎02-17-2006

I had to reread this a couple of times to fully understand the intent.

XLATE refers to PAT (Global) so what you are seeing is the PIX box creating internal port maps to internal port maps. Theres little to correlate other than there is a reasignment. Meaning I don't know of any way or need to try to manipulate the port translation.

Could you be a bit more specific as to what your trying to accomplish?

Thank-you.

jackko · ‎02-17-2006

Global 1.1.1.1 Local 192.168.1.100

Global 2.2.2.2 Local 192.168.1.200

PAT Global 3.3.3.3 (36505) Local 192.168.1.1(2441)

PAT Global 3.3.3.3 (36504) Local 192.168.1.1(1028)

the first two entries indicate that these private ips have static nat configured, since it is static, there is no port number associated.

the bottom two entries have a key word pat indicates taht these are patted by the pix. e.g. the original port is 2441 and it is being translated to 36505. the port shown here is the source port not the destiation port.

further, you may do "sh conn" to obtain more detail such as the destination port etc.

e.g.

UDP out 203.18.56.42:53 in 192.168.233.52:1028 idle 0:00:20 flags d

as you can see, this output has the original ip and port, which maps the last entry of the previous output.

state · ‎02-21-2006

Thank you this really helps out a lot.

fausto-oliveira · ‎02-21-2006