Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
567
Views
0
Helpful
1
Replies

SEQ #, SYN, SYN-ACK, ACK numbers transversing the PIX

a-alao
Level 1
Level 1

‎03-21-2003 02:46 AM - edited ‎02-20-2020 10:38 PM

When an IP packet tranverses a PIX from the inside to the outside, with NAT or STATIC configured, the source IP address is changed and the sequence number is randomized. What other IP field's change...Do the Seq, SYN, SYN-ACK and ACK number change also.

0 Helpful
1 Reply 1

mchin345
Level 6
Level 6

‎03-27-2003 06:22 AM

In addition to modifying the IP address, NAT must modify the IP checksum and the TCP checksum. Remember, TCP's checksum also covers a pseudo header which contains the source and destination address.

Other then this I don't think it changes anything. For certain protocols like FTP which carry the IP address in the Data Part, NAT changes the IP address where ever it appears.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card