Port translate 2 ports back to the same place?

Unanswered Question
May 24th, 2010

Using NAT is it possible to Port Translate 2 ports ie tcp 80 and tcp 81 back to tcp 80 on 1 ip address?


static (inside,outside) tcp interface 80 80 netmask
static (inside,outside) tcp interface 81 80 netmask

I understand that it would not be possible with a one-to-one static mapping, but with port translation I assumed it would be no problem.

However, the ASA rejects due to a conflict.

Could someone explain technically the reasons for this?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Federico Coto F... Mon, 05/24/2010 - 05:24


The ASA will not allow a mapping of the same internal IP and the same port to different ports.

There's no obvious problem for incoming traffic.

But the reason is the outgoing reply.

When a packet sourcing from IP on port 80 gets to the ASA, the ASA will not know if translate it to port 81 or leave it with port 80 as both above static statements overlap.

Hope it helps.



This Discussion