Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
247
Views
0
Helpful
1
Replies

NAT from the outside-in

kenjordan
Level 1
Level 1

‎03-05-2003 05:30 AM - edited ‎03-02-2019 05:35 AM

I would like to know if there is anyway to tell how many devices are are being translated by a NAT device that I have no administrative control over from the outside. For example, if I am an ISP and want to know if a business or residential customer is re-routing the connection multiple times.

My impression is that if you sniff the line you can't tell because one inside device may be using multiple applications with different port numbers. I have been told that there may be a way to check with MAC addresses but I didn't think a NAT or firewall kept any record of MAC addresses.

Thanks for any info,

Ken

Labels:
0 Helpful
1 Reply 1

jan.klepal
Level 1
Level 1

‎03-05-2003 09:14 AM

There is no way how to check how many computers are behind NAT device.

To check what MAC addresses are used on the line between your and customer's router simply type "show ip arp". But there will be only MAC addresses which are on segments directly connected to your router.

By sniffing traffic on the line you can only guess how many computers are behind NAT device. For example count simulateous connections from NAT device to internet with destination port 80. Unfortunetaly it is very inaccurate...

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents