11-22-2010 03:38 AM - edited 03-11-2019 12:12 PM
Can someone help me understand the following translation I see on a remote firewall (ASA)?
PAT Global 20.20.10.10(24777) Local 172.16.24.10(37296)
PAT Global 20.20.10.10(63227) Local 172.16.24.10(34569)
I can see numerous entries of this type.
What does the number in parentheses stand for on each line, and does this mean the connections are working fine?
TIA
11-22-2010 04:04 AM
Hi
The numbers in the parentheses are the port numbers it is using. PAT Global 20.20.10.10(24777) Local 172.16.24.10(37296) tells us that inside IP 172.16.24.10 on source port 37296 is getting translated and will go out with IP 20.20.10.10 and source port 24777. The second connection will be using the next line of translations. Hope it answers your question.
Regards
Rahul
11-22-2010 06:56 AM
Thanks, that clears it.
Now, suppose the connection has a problem for any reason and is not working. Would I still be seeing translations like this?
11-22-2010 09:19 AM
Yes, the ASA might be building an xlate, but for example there might not be return traffic coming back.
You would need to investigate.
I would suggest to use command "capture capout interface outside match ip host
I hope it helps.
PK
11-22-2010 10:27 PM
Thanks. Following is a trace from the ASA for the packet flow.
192.168.200.5 - host
2.2.2.2 - internet based service
3.3.3.3 - public ip for host 192.168.100.5 ( nat done on asa )
nat ( local ) 1 192.168.100.5 255.255.255.255
global ( internet) 1 3.3.3.3
6 packets captured
1: 07:20:03.624570 192.168.200.5.39419 > 2.2.2.2.25: S 3942230736:3942230736(0) win 8192
2: 07:20:03.632047 2.2.2.2.25 > 192.168.200.5.39419: S 2209827644:2209827644(0) ack 3942230737 win 8192
3: 07:20:03.719887 192.168.200.5.39419 > 2.2.2.2.25: . ack 2209827645 win 1460
4: 07:20:03.726189 2.2.2.2.25 > 192.168.200.5.39419: P 2209827645:2209827739(94) ack 3942230737 win 64860
5: 07:20:03.814822 192.168.200.5.39419 > 2.2.2.2.25: P 3942230737:3942230751(14) ack 2209827739 win 64766
6: 13:50:04.013579 2.2.2.2.25 > 192.168.200.5.39419: . ack 3942230751 win 64846
____________
1: 07:29:03.137276 3.3.3.3.24363 > 2.2.2.2.25: S 1840215282:1840215282(0) win 8192
2: 07:29:03.142967 2.2.2.2.25 > 3.3.3.3.24363: S 762906101:762906101(0) ack 1840215283 win 8192
3: 07:29:03.146644 3.3.3.3.24363 > 2.2.2.2.25: . ack 762906102 win 1460
4: 07:29:03.153724 2.2.2.2.25 > 3.3.3.3.24363: P 762906102:762906196(94) ack 1840215283 win 64860
5: 07:29:03.157599 3.3.3.3.24363 > 2.2.2.2.25: P 1840215283:1840215297(14) ack 762906196 win 64766
6: 07:29:03.344052 2.2.2.2.25 > 3.3.3.3.24363: . ack 1840215297 win 64846
7: 07:29:05.164099 2.2.2.2.25 > 3.3.3.3.24363: P 762906196:762906228(32) ack 1840215297 win 64846
8: 07:29:05.168661 3.3.3.3.24363 > 2.2.2.2.25: P 1840215297:1840215303(6) ack 762906228 win 64734
9: 07:29:05.168722 3.3.3.3.24363 > 2.2.2.2.25: F 1840215303:1840215303(0) ack 762906228 win 64734
10: 07:29:05.175573 2.2.2.2.25 > 3.3.3.3.24363: . ack 1840215304 win 64840
11: 07:29:05.175741 2.2.2.2.25 > 3.3.3.3.24363: P 762906228:762906276(48) ack 1840215304 win 64840
12: 07:29:05.175772 2.2.2.2.25 > 3.3.3.3.24363: F 762906276:762906276(0) ack 1840215304 win 64840
13: 07:29:05.179296 3.3.3.3.24363 > 2.2.2.2.25: R 1840215304:1840215304(0) ack 762906276 win 0
14: 14:01:33.674754 3.3.3.3.13197 > 2.2.2.2.25: S 3161967592:3161967592(0) win 8192
I don't see anything wrong with the flow. However, emails can't be sent out from hosts.
Packet trace gives allowed flow for each stage.
I also tried permitting TLS under the mail policy map.
Is there any other part remaining to be checked on the ASA?
TIA
Message was edited by: suthomas1
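The check suggested earlier in the thread (an xlate can exist while no return traffic comes back), applied to capture lines in the format posted above. This is an added example, not part of any post; the function name, verdict labels and sample lines with documentation addresses are constructed for illustration.

```python
import re

# One TCP line of ASA capture output, in the format posted in this thread:
#   N: hh:mm:ss.us SRC.PORT > DST.PORT: FLAGS [seq:seq(len)] [ack N] win W
LINE = re.compile(
    r"^\s*\d+:\s+\S+\s+(\d+(?:\.\d+){4})\s+>\s+(\d+(?:\.\d+){4}):\s+"
    r"([SFPR.]+)(?:\s+\d+:\d+\((\d+)\))?(\s+ack\s+\d+)?"
)

def summarize(capture_text):
    """Return {(client, server): verdict} for each TCP flow whose SYN was captured."""
    flows = {}
    for raw in capture_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue                          # separators, headers, non-TCP lines
        src, dst, flags, length, ack = m.groups()
        if "S" in flags and not ack:          # bare SYN: src is the initiator
            flows.setdefault((src, dst), {"synack": False, "out": 0, "back": 0})
        elif (dst, src) in flows:             # packet travelling server -> client
            f = flows[(dst, src)]
            f["synack"] |= "S" in flags       # SYN with an ack field is the SYN-ACK
            f["back"] += int(length or 0)
        elif (src, dst) in flows:             # packet travelling client -> server
            flows[(src, dst)]["out"] += int(length or 0)
    verdicts = {}
    for key, f in flows.items():
        if not f["synack"]:
            verdicts[key] = "SYN_UNANSWERED"  # no return traffic seen on this interface
        elif f["out"] and f["back"]:
            verdicts[key] = "DATA_BOTH_WAYS"  # payload bytes crossed in both directions
        else:
            verdicts[key] = "HANDSHAKE_ONLY"  # connected, payload one way or none
    return verdicts

# Constructed sample lines (documentation addresses), not the capture from the thread.
SAMPLE = """\
   1: 07:29:03.137276 203.0.113.3.24363 > 198.51.100.2.25: S 100:100(0) win 8192
   2: 07:29:03.142967 198.51.100.2.25 > 203.0.113.3.24363: S 500:500(0) ack 101 win 8192
   3: 07:29:03.146644 203.0.113.3.24363 > 198.51.100.2.25: . ack 501 win 1460
   4: 07:29:03.153724 198.51.100.2.25 > 203.0.113.3.24363: P 501:595(94) ack 101 win 64860
   5: 07:29:03.157599 203.0.113.3.24363 > 198.51.100.2.25: P 101:115(14) ack 595 win 64766
   6: 07:31:10.000100 203.0.113.3.13197 > 198.51.100.2.25: S 900:900(0) win 8192
   7: 07:31:13.000200 203.0.113.3.13197 > 198.51.100.2.25: S 900:900(0) win 8192
"""

if __name__ == "__main__":
    for (client, server), verdict in summarize(SAMPLE).items():
        print(f"{client} -> {server}: {verdict}")
```

A SYN that is the last packet in a capture can show as SYN_UNANSWERED simply because the capture stopped before the reply, so re-check such flows against a longer capture.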