NAT Translations...Inside/Outside address the same

Unanswered Question
Jun 24th, 2008

Seeing a really odd NAT Translation on a remote site rtr.

tcp 209.153.x.x:53678 10.1.10.5:53678 209.153.x.x:13806 209.153.x.x:13806

The 'Inside global (209.153.x.x)' is correct (routable IP we use to route all NAT addresses), the 'Inside Local (10.1.10.5)' is correct (the NAT address that host is getting)...

BUT

the 'Outside Local(209.153.x.x)' address is the same as the Inside Global and the 'Outside Global(209.153.x.x)' is the same.

In all my experience and everything I've seen before, the Outside Local should be the address that host is going to. It should NEVER be the same as the 'Inside Global'.

Am I wrong on this? Or is something weird going on? I've noticed this at a couple remote sites now, and best I can tell the configs are correct. Checked, double-checked, verified against other sites that I have not seen this at...

stephen.stack Tue, 06/24/2008 - 08:29

Hi,

Having read through this document a little bit it appears that this is a normal 'inside to outside' NAT translation.

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094837.shtml

It seems that the port number 53678 is a random port chosen by NAT to perform PAT and the port number 3806 is the port that the internal host needs to connect to - externally.

I am open to correction on this.

Hope this helps (please rate if it does)

Stephen

shane.wesley Tue, 06/24/2008 - 08:38

Thank you for the reply. I also read that earlier, and this is what I took from it...

"The local addresses are addresses that appear on the inside cloud. Global addresses are addresses that appear on the outside cloud. Because of the way NAT is configured, the inside addresses are the only addresses that are translated. Therefore, the inside local address is different from the inside global address."

That and the fact none of the examples they show have the same 'local' & 'global' address...Tells me they shouldn't be the same???

But I don't know, maybe I'm incorrect...What would be the reason to translate a public-to-NAT-back to the same public?

sdoremus33 Tue, 06/24/2008 - 11:21

PAT would be an explanation of this.

Ex:

HstA -----> PAT -----> Internet---->

Hst B

There is usually one public address that all networks on the private network share, but the src port of the outgoing datagram is changed to a unique value that is used to associate return datagrams with the originating private address. HTH

stephen.stack Wed, 06/25/2008 - 00:08

Ok,

Let's look at it this way. Let's assume the NAT translation is correct. Then it could be a case where something inside your network is attempting to contact the external/public IP of your network.

For example:

A Windows host with Outlook installed, configured to retrieve mail from your public IP address. This would cause this type of translation.

HTH

Stephen
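A small parser for rows in this `show ip nat translations` layout, added here as an example (it is not code from the thread or from Cisco), that labels the self-addressed case Stephen describes. The sample rows are constructed; the thread masks the public address as 209.153.x.x, so the documentation address 203.0.113.10 stands in for it.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

# Constructed sample rows in the Pro / Inside global / Inside local /
# Outside local / Outside global column order shown in the thread.
SAMPLE_TABLE = """\
Pro Inside global         Inside local          Outside local         Outside global
tcp 203.0.113.10:53678    10.1.10.5:53678       203.0.113.10:13806    203.0.113.10:13806
tcp 203.0.113.10:1025     10.1.10.7:1025        198.51.100.25:443     198.51.100.25:443
--- 203.0.113.10          10.1.10.5             ---                   ---
"""

Addr = Tuple[Optional[str], Optional[int]]  # (ip, port); port None when absent

def split_addr(token: str) -> Addr:
    """'ip:port' -> (ip, port); bare 'ip' -> (ip, None); '---' -> (None, None)."""
    if token == "---":
        return None, None
    if ":" not in token:
        return token, None
    ip, _, port = token.rpartition(":")
    return ip, int(port)

@dataclass
class NatEntry:
    proto: str
    inside_global: Addr
    inside_local: Addr
    outside_local: Addr
    outside_global: Addr

def parse_table(text: str) -> list:
    """Parse table rows; header and blank lines are skipped."""
    entries = []
    for line in text.splitlines():
        cols = line.split()
        if len(cols) != 5 or cols[0] == "Pro":
            continue
        entries.append(NatEntry(cols[0], *map(split_addr, cols[1:])))
    return entries

def classify(e: NatEntry) -> str:
    """Describe the row using the thread's inside/outside terminology."""
    if e.outside_global[0] is None:
        return "static inside mapping, no active outside peer"
    if e.outside_local != e.outside_global:
        return "outside address translated too (outside-source NAT)"
    if e.outside_global[0] == e.inside_global[0]:
        return "inside host talking to its own site's public IP (hairpin)"
    return "ordinary inside-to-outside PAT entry"
```

Run `classify` over `parse_table(SAMPLE_TABLE)` to see the first row flagged as the hairpin case while the second reads as a normal PAT entry.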
