NAT question

Unanswered Question
May 1st, 2007
User Badges:

Hi,


Behind C2801 router we have a mail server (172.20.17.35) which is avialabe to the outside world and there was a NAT config as below.

ip nat inside source static tcp 172.20.17.35 25 X.X.X.X 25 extendable



We allow HTTPS acceess to the same server and configured another NAT using the same NATTED IP address ( X.X.X,X), it did not establish the connection while it built NAT in the table.

ip nat inside source static tcp 172.20.17.35 443 X.X.X.X 443 extendable



Then, we tried another NATTED Ip address (X.X.X.Y), then it worked.

ip nat inside source static tcp 172.20.17.35 443 X.X.X.Y 443 extendable


Why can't we use the same NATTED IP addresses while it is only a port translation?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
bjornarsb Wed, 05/02/2007 - 06:04
User Badges:
  • Bronze, 100 points or more

Hi,


Static PAT is the same as static NAT, except it lets you specify the protocol (TCP or UDP) and port for the local and global addresses.


This feature lets you identify the same global address across many different static statements, so long as the port is different for each statement (you CANNOT use the same global address for multiple static NAT statements).


For example, if you want to provide a single address for global users to access FTP, HTTP, and SMTP, but these are all actually different servers on the local network, you can specify static PAT statements for each server that uses the same global IP address, but different ports


Regards


Bjornarsb


bjornarsb Wed, 05/02/2007 - 06:17
User Badges:
  • Bronze, 100 points or more

.....And for PAT you cannot use the same local or global address in multiple static statements between the same two interfaces.

Actions

This Discussion