firewall nat ports being used

Unanswered Question
Nov 3rd, 2009

This is a general query, and the error seen is not from a Cisco firewall. This is from a McAfee firewall which quite often gives the "all nat ports being used" message.

Not certain what it means and whether it has an impact on the overall performance of the firewall.

Appreciate suggestions.

Thanks!

Jon Marshall Tue, 11/03/2009 - 03:48

Sunny


It may be to do with NAT overload, i.e. where you translate multiple private IP addresses to one public IP address.


With this setup the firewall doesn't just translate the IP address but also has to modify the port number. Because there is a finite number of ports, i.e. 1 - 65535, it may be that the firewall has run out of available ports, i.e. there are too many private addresses that need translating for the available ports.


Note that not all of the 1 - 65535 port numbers are available to the firewall when doing NAT overload.


Jon
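An added example (not from this thread, and not any firewall vendor's own tool) that makes the port-exhaustion point measurable: it counts, per public address and protocol, how many ports an overload translation is consuming against an assumed usable pool of 1024-65535, and flags a pool that is close to running out. The translation-table format and the sample lines are constructed for the example.

```python
"""Estimate NAT overload (PAT) port-pool utilisation from a translation table.

Added example; the line format below is constructed, not a real firewall's output:
  <inside-ip>:<inside-port> -> <public-ip>:<nat-port> <proto>
"""
from collections import defaultdict

# Constructed sample: three inside hosts sharing 203.0.113.10, one on 203.0.113.11.
SAMPLE_TABLE = """\
10.1.1.5:51000 -> 203.0.113.10:1024 tcp
10.1.1.5:51001 -> 203.0.113.10:1025 tcp
10.1.1.6:40000 -> 203.0.113.10:1026 udp
10.1.1.7:40001 -> 203.0.113.10:1027 tcp
10.1.1.8:33000 -> 203.0.113.11:1024 tcp
"""

# Assumption: the firewall may hand out 1024-65535 per public IP and protocol;
# ports below 1024 are reserved, so the real pool is smaller than 65535.
POOL_LOW, POOL_HIGH = 1024, 65535
POOL_SIZE = POOL_HIGH - POOL_LOW + 1


def parse_table(text):
    """Yield (inside_ip, public_ip, nat_port, proto); skip blank or malformed lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[1] != "->":
            continue
        inside_ip, _ = parts[0].rsplit(":", 1)
        public_ip, nat_port = parts[2].rsplit(":", 1)
        yield inside_ip, public_ip, int(nat_port), parts[3]


def utilisation(text, warn_ratio=0.9):
    """Return {(public_ip, proto): (ports_used, ratio, inside_hosts, warning)}.

    TCP and UDP have separate port spaces, so the pool is tracked per protocol.
    """
    used = defaultdict(set)   # (public_ip, proto) -> NAT ports in use
    hosts = defaultdict(set)  # (public_ip, proto) -> inside IPs sharing the address
    for inside_ip, public_ip, nat_port, proto in parse_table(text):
        used[(public_ip, proto)].add(nat_port)
        hosts[(public_ip, proto)].add(inside_ip)
    report = {}
    for key, ports in used.items():
        ratio = len(ports) / POOL_SIZE
        report[key] = (len(ports), round(ratio, 6), len(hosts[key]), ratio >= warn_ratio)
    return report


if __name__ == "__main__":
    for (ip, proto), (n, ratio, nhosts, warn) in utilisation(SAMPLE_TABLE).items():
        print(f"{ip}/{proto}: {n}/{POOL_SIZE} ports ({ratio:.2%}), {nhosts} inside hosts, warn={warn}")
```

A pool that stays near the warning threshold means new outbound sessions through that public address fail until existing translations age out; a one-to-one (static) translation does not draw on this pool at all.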

suthomas1 Tue, 11/03/2009 - 04:01

Thanks Jon. This one involves a one-to-one NAT description for an application server to be made accessible from the internet.

Any indications on how this could be the case?

