Re: Static PAT to HTTP server with the private Address result a returned traffic with destination Po...

MohammadKayed · ‎01-07-2020

I have a question regarding Static PAT

I have a topology with HTTP server , router and PC.

I tried to pat on a router with the following command :

# ip nat inside source static tcp 192.168.1.10 80 1.1.1.1 8080

all ports configured correctly g0/0 as in and g0/1 as out.

when i try to access 1.1.1.1:8080 through web browser at PC1 it works perfectly.

- But my issue is when I try to access 192.168.1.10:80 I get Request Timeout.

My understanding that when the traffic first time goes from PC1 to Server it has no entry at nat translation table so it goes through routing tables.

then when the return trafic comes back from Server as (-192.168.1.10:80 source , 1.1.1.10:randport destination) it found entry for the source at the nat table so the source will be converted to 1.1.1.1:8080 .

the thing what i couldn't understand the outside global and outside local how it used port 0

Please if someone can explain this case for me i will be grateful.

Georg Pauwen · ‎01-07-2020

Hello,

are you trying to access 192.168.1.10:80 from PC1 ? That won't work. Static inside-outside NAT lets you access the public IP address. In the real world, the public IP address is the only unique address that can be accessed. Keep in mind that 192.168.1.10 could be used anywhere, so how is the outside world supposed to know how to get to that private space address ?

Hope that makes sense...

MohammadKayed · ‎01-07-2020

First thanks for your replay,
I am totally with you the private ip is unroutable and the traffic will be dropped by the ISP.
but I did this Topology only for Lap demo for non real life situation.
I just want to understand the behavior what does it mean , also why the router changes the destination port on the return traffic from the random number to 0 ? .
Thank you

Static PAT to HTTP server with the private Address result a returned traffic with destination Port number 0