Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
496
Views
0
Helpful
2
Replies

Static PAT to HTTP server with the private Address result a returned traffic with destination Port number 0

MohammadKayed
Level 1
Level 1

‎01-07-2020 11:36 AM

I have a question regarding Static PAT 

 

I have a topology with HTTP server , router and PC.

I tried to pat on a router with the following command :

# ip nat inside source static tcp 192.168.1.10 80 1.1.1.1 8080

all ports configured correctly g0/0 as in and g0/1 as out.

when i try to access 1.1.1.1:8080 through web browser at PC1 it works perfectly.

- But my issue is when I try to access 192.168.1.10:80 I get Request Timeout.

My understanding that when the traffic first time goes from PC1 to Server it has no entry at nat translation table so it goes through routing tables.

then when the return trafic comes back from Server as (-192.168.1.10:80 source , 1.1.1.10:randport destination) it found entry for the source at the nat table so the source will be converted to 1.1.1.1:8080 .

the thing what i couldn't understand the outside global and outside local how it used port 0

Please if someone can explain this case for me i will be grateful.

Labels:
0 Helpful
2 Replies 2

Georg Pauwen
VIP
VIP

‎01-07-2020 12:58 PM

Hello,

 

are you trying to access 192.168.1.10:80 from PC1 ? That won't work. Static inside-outside NAT lets you access the public IP address. In the real world, the public IP address is the only unique address that can be accessed. Keep in mind that 192.168.1.10 could be used anywhere, so how is the outside world supposed to know how to get to that private space address ?

 

Hope that makes sense...

0 Helpful

MohammadKayed
Level 1
Level 1
In response to Georg Pauwen

‎01-07-2020 01:05 PM

First thanks for your replay,
I am totally with you the private ip is unroutable and the traffic will be dropped by the ISP.
but I did this Topology only for Lap demo for non real life situation.
I just want to understand the behavior what does it mean , also why the router changes the destination port on the return traffic from the random number to 0 ? .
Thank you
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card