
NAT/PORT Selection

jsiegel
Level 1

I am running 5.2(1) on a 520. It appears that the PIX is sometimes putting traffic onto port 69. My IDS thinks this is possibly TFTP traffic and trips an alarm. Is there a way to force the traffic to the correct port (or at least to a non-standard port)? For example, the PIX took traffic coming from port 123 of a PC to port 69 on the outgoing interface of the PIX. Thanks in advance for any suggestions or help.

1 Reply

gfullage
Cisco Employee

You can't specify the port the PIX will use specifically, unless of course you use a static, in which case the ports are left the same. The PIX PATs source ports as follows:

- If the source port is TCP/UDP 1-511, then the PIX will PAT the SRC address to one in that range.

- If the source port is TCP/UDP 512-1023, then the PIX will PAT the SRC address to one in that range.

- If the source port is TCP/UDP 1024-65535, then the PIX will PAT the SRC address to one in that range.

You could set up a filter in your IDS to just ignore any port 69 from the PIX's PAT address.
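The following is an added example, not code from the thread or from Cisco: it models the band-preserving PAT behaviour listed in the answer and the IDS-side suppression rule suggested at the end. The allocator's choice of a free port inside a band is an assumption made for illustration (the PIX's real selection logic is not described on this page), and the alert lines, addresses and `suppress_pat_tftp` / `filter_alerts` helpers are constructed for the example.

```python
# Added example (not Cisco's code and not from the thread). Models the
# band-preserving PAT described in the answer and an IDS suppression rule
# for the resulting port-69 false positives. Port choice inside a band is
# a simplifying assumption; sample alerts and addresses are constructed.
import random
import re

# Source-port bands the PIX keeps a translated source port inside (from the answer).
PAT_BANDS = ((1, 511), (512, 1023), (1024, 65535))


def pat_band(src_port):
    """Return the (low, high) band that the original source port falls in."""
    for lo, hi in PAT_BANDS:
        if lo <= src_port <= hi:
            return (lo, hi)
    raise ValueError(f"invalid port {src_port}")


class PatAllocator:
    """Hands out translated source ports, staying inside the original port's band.

    Assumption: any free port in the band may be chosen, so a client on
    source port 123 (band 1-511) can legitimately be translated to 69.
    """

    def __init__(self, pat_address, seed=0):
        self.pat_address = pat_address
        self.in_use = set()
        self.rng = random.Random(seed)  # deterministic for the example

    def translate(self, src_port):
        lo, hi = pat_band(src_port)
        candidates = [p for p in range(lo, hi + 1) if p not in self.in_use]
        if not candidates:
            raise RuntimeError(f"band {lo}-{hi} exhausted")
        chosen = self.rng.choice(candidates)
        self.in_use.add(chosen)
        return chosen

    def release(self, port):
        self.in_use.discard(port)


# Constructed alert format: "<proto> <src>:<sport> -> <dst>:<dport> <signature>"
ALERT_RE = re.compile(
    r"^(?P<proto>TCP|UDP) (?P<src>[\d.]+):(?P<sport>\d+) -> "
    r"(?P<dst>[\d.]+):(?P<dport>\d+) (?P<sig>.+)$"
)


def suppress_pat_tftp(alert_line, pat_address):
    """True when the alert's port-69 endpoint is the PIX's PAT address acting
    as the source, i.e. an outbound translated flow that landed on 69.
    Real TFTP traffic to some other host on port 69 is left alone."""
    m = ALERT_RE.match(alert_line)
    if not m:
        return False
    return m.group("src") == pat_address and int(m.group("sport")) == 69


def filter_alerts(alert_lines, pat_address):
    """Drop only the alerts the suppression rule matches."""
    return [a for a in alert_lines if not suppress_pat_tftp(a, pat_address)]


# Constructed sample alerts (not real IDS output). 203.0.113.10 is the PAT address.
SAMPLE_ALERTS = [
    "UDP 203.0.113.10:69 -> 198.51.100.5:123 TFTP traffic detected",   # PAT'd NTP client, benign
    "UDP 198.51.100.7:3001 -> 203.0.113.50:69 TFTP traffic detected",  # real TFTP to another host, keep
    "TCP 203.0.113.10:1040 -> 198.51.100.5:80 HTTP probe",             # unrelated, keep
]


if __name__ == "__main__":
    nat = PatAllocator("203.0.113.10")
    print("port 123 translated to", nat.translate(123))  # somewhere in 1-511
    for alert in filter_alerts(SAMPLE_ALERTS, nat.pat_address):
        print("KEEP:", alert)
```

The suppression is deliberately narrow: it keys on the PAT address as the source with source port 69, so a genuine TFTP session to some other host on port 69 still alerts.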