03-01-2003 04:13 AM - edited 03-02-2019 05:30 AM
I have a situation where we are using PAT, but have an application that connects from inside to outside but the return connection uses a different port number. All connections work except this one application.
1) Is the anyway of doing this with PAT
2) If I take the overload command out will, I think will be using NAT and does
NAT care which port the return connection uses. Does it look at ports at all just map address to address.
!
interface Loopback0
ip address 139.170.251.253 255.255.255.128
!
interface FastEthernet0/0
description IRM
ip address 10.10.10.1 255.255.255.128
ip nat inside
duplex auto
speed auto
!
interface Serial0/0
description to Dartmouth
ip unnumbered Loopback0
ip nat outside
encapsulation ppp
no fair-queue
no cdp enable
!
interface FastEthernet0/1
description RES
ip address 139.170.251.1 255.255.255.128
duplex auto
speed auto
!
router rip
redistribute connected
network 10.0.0.0
network 139.170.0.0
!
ip nat pool Dartmouth 139.170.251.129 139.170.251.248 netmask 255.255.255.128
ip nat inside source list 10 pool Dartmouth overload
ip nat inside source static 10.14.12.2 129.170.251.254
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0
ip route 10.14.0.0 255.255.128.0 10.10.10.2
ip http server
ip pim bidir-enable
!
access-list 10 deny 10.14.12.2
access-list 10 permit 10.14.0.0 0.0.127.255
!
Solved! Go to Solution.
03-01-2003 04:56 PM
If no "overload" then its simple NAT which will not care for ports. Its inside to outside ip address translation. Here is the link for more on that
http://www.cisco.com/warp/public/556/nat-cisco.shtml
Now for PAT (using overload) to work, the outside to inside reply should be on the same source port number otherwise router will not map those ports correctly.
03-01-2003 04:56 PM
If no "overload" then its simple NAT which will not care for ports. Its inside to outside ip address translation. Here is the link for more on that
http://www.cisco.com/warp/public/556/nat-cisco.shtml
Now for PAT (using overload) to work, the outside to inside reply should be on the same source port number otherwise router will not map those ports correctly.
03-04-2003 02:04 PM
Thanks,
Removing the overload did fix their problem.
/ray
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide