Understanding NAT

steveblurr
Level 1

I am currently still strengthening my networking skills since I just got my CCNA.

 

Currently I have a device that is using Audio over IP concepts. According to the documentation it uses Port 80 TCP (GUI-Management), and Port 655 TCP/UDP.  With this device, I have it connected to a switch with a Class C IP address (192.168.10.X/24). Here's where I'm having a hard time following:

 

-I was given a public IP address (203.0.10.10 -just as an example) by my company to take this device so it can get NAT'd into the internet so we can tie it with another device. However, there are firewall concerns and whatnot. Back to the documentation: it states that if there is a firewall, open up port 6300 TCP and port 6301 TCP/UDP.

 

On port 6300 - forward to 192.168.10.x/24 (my device) port 80, on port 6301 same IP but with TCP/UDP port 655 getting forwarded.....what is happening here? Is this something a firewall does? Or is this almost like an Access-List concept? How can I lab something like this?

 

All the configuration for the devices is on a WEB GUI and pretty easy to configure but the networking part made it tougher to understand. 

 

I really want to wrap my head around this because I can't seem to break it down. 

3 Replies

Giuseppe Larosa
Hall of Fame

Hello @steveblurr ,

 

>> On port 6300 - forward to 192.168.10.x/24 (my device) port 80, on port 6301 same IP but with TCP/UDP port 655 getting forwarded.....what is happening here? Is this something a firewall does? Or is this almost like an Access-List concept? How can I lab something like this?

 

Yes, this is something that a firewall or a router can do as part of NAT operations if configured for this.

In Cisco IOS for routers this is called static NAT.

 

An IP address (the public one) and a TCP port or UDP port are enough to define a service up to the application layer.

The NAT operations in this case are to convert the public IP address into a private one and the TCP port into another TCP port.

 

What is nice and powerful about this L4-aware NAT is that the same public IP address can represent different internal services hosted on different internal hosts if all of them are using different TCP or UDP ports.

Static NAT allows connections started from the outside world to trigger NAT; this is the difference from standard NAT, which is started inbound to outbound.

In your case this allows you to receive an audio call started from outside or an audio stream.

 

 

Hope to help

Giuseppe

 

So in other words,

 

My NAT should look similar to this access list:

 

permit tcp (source address) public_ip eq 80 (destination address) my_device_ip port 6300

permit udp (source address) public_ip eq 655 (destination address) my_device_ip port 6301

 

This is what I pictured in my head. Since there's a main control room and I'm remote, this will make sense, correct?

 

Because on the device GUI I can set the parameter to be my public IP:port number and it uses that to communicate.
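
The port forwarding discussed in this thread, written as Cisco IOS static NAT entries with a separate ACL for filtering (an added example, not part of any post or of the device's documentation). Interface names, the ACL name AOIP-IN and `<CONTROL_ROOM_IP>` are assumptions, 192.168.10.X is the thread's own placeholder for the device address, and the ACL assumes 203.0.10.10 is used only for this device.

```cisco
! Added example. Interface names, AOIP-IN and <CONTROL_ROOM_IP> are
! placeholders; 192.168.10.X stands for the device address as in the thread.
interface GigabitEthernet0/0
 description Outside (toward the internet)
 ip nat outside
 ip access-group AOIP-IN in
!
interface GigabitEthernet0/1
 description Inside (192.168.10.0/24, audio device)
 ip nat inside
!
! Static NAT with port translation. Argument order is:
!   ip nat inside source static <proto> <inside-ip> <inside-port> <public-ip> <public-port>
!
! 203.0.10.10:6300/tcp      ->  192.168.10.X:80   (web GUI)
ip nat inside source static tcp 192.168.10.X 80 203.0.10.10 6300
! 203.0.10.10:6301/tcp+udp  ->  192.168.10.X:655
ip nat inside source static tcp 192.168.10.X 655 203.0.10.10 6301
ip nat inside source static udp 192.168.10.X 655 203.0.10.10 6301
!
! Filtering is a separate step: an ACL only permits or denies, it never
! rewrites addresses or ports. Applied inbound on the outside interface it is
! evaluated before the translation, so it matches the PUBLIC address and the
! PUBLIC ports (6300/6301), not the device's 80/655.
ip access-list extended AOIP-IN
 permit tcp host <CONTROL_ROOM_IP> host 203.0.10.10 eq 6300
 permit tcp host <CONTROL_ROOM_IP> host 203.0.10.10 eq 6301
 permit udp host <CONTROL_ROOM_IP> host 203.0.10.10 eq 6301
 ! Nobody else reaches the forwarded address (port 6300 is the management GUI)
 deny   ip any host 203.0.10.10
 ! Leave traffic to other addresses untouched
 permit ip any any
!
! Verify the static entries with: show ip nat translations
```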

 
