cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
441
Views
3
Helpful
4
Replies

translation status

suthomas1
Level 6
Level 6

can some one help to understand the following translation i see on  a remote firewall,asa.

PAT Global 20.20.10.10(24777) Local 172.16.24.10(37296)

PAT Global 20.20.10.10(63227) Local 172.16.24.10(34569)

i can numerous of these types.

what does the no. in parenthesis stand for each line and does this mean the connections are working fine.

TIA

1 Accepted Solution

Accepted Solutions

rmavila
Cisco Employee
Cisco Employee

Hi

The numbers in the paranthesis are the port numbers it is using. PAT Global 20.20.10.10(24777) Local 172.16.24.10(37296) tells us that inside ip 172.16.24.10 on source port 37296 is getting translated and will go out with ip 20.20.10.10 and source port 24777. The second connection will be using the next line of translations.Hope it answers your question.

Regards

Rahul

View solution in original post

4 Replies 4

rmavila
Cisco Employee
Cisco Employee

Hi

The numbers in the paranthesis are the port numbers it is using. PAT Global 20.20.10.10(24777) Local 172.16.24.10(37296) tells us that inside ip 172.16.24.10 on source port 37296 is getting translated and will go out with ip 20.20.10.10 and source port 24777. The second connection will be using the next line of translations.Hope it answers your question.

Regards

Rahul

Thanks, that clears it.

Now , if suppose the connection has a problem for any reasons & is not working. would i still be seeing translate like this.

Yes, The ASA might be building an xlate, but for example there might not be return traffic coming back.

You woule need to investigate.

I would suggest to use command "capture capout interface outside match ip host any" and after testing doing "sh cap capout" to see if you are sending the packets to the remote site and if there are packets coming back.

I hope it helps.

PK

thanks. following is a trace from asa for the packet flow.

192.168.200.5 - host

2.2.2.2 - internet based service

3.3.3.3 - public ip for host 192.168.100.5 ( nat done on asa )

nat ( local ) 1 192.168.100.5 255.255.255.255

global ( internet) 1 3.3.3.3

6 packets captured

   1: 07:20:03.624570 192.168.200.5.39419 > 2.2.2.2.25: S 3942230736:3942230736(0) win 8192

   2: 07:20:03.632047 2.2.2.2.25 > 192.168.200.5.39419: S 2209827644:2209827644(0) ack 3942230737 win 8192

   3: 07:20:03.719887 192.168.200.5.39419 > 2.2.2.2.25: . ack 2209827645 win 1460

   4: 07:20:03.726189 2.2.2.2.25 > 192.168.200.5.39419: P 2209827645:2209827739(94) ack 3942230737 win 64860

   5: 07:20:03.814822 192.168.200.5.39419 > 2.2.2.2.25: P 3942230737:3942230751(14) ack 2209827739 win 64766

   6: 13:50:04.013579 2.2.2.2.25 > 192.168.200.5.39419: . ack 3942230751 win 64846

____________

  1: 07:29:03.137276 3.3.3.3.24363 > 2.2.2.2.25: S 1840215282:1840215282(0) win 8192

   2: 07:29:03.142967 2.2.2.2.25 > 3.3.3.3.24363: S 762906101:762906101(0) ack 1840215283 win 8192

   3: 07:29:03.146644 3.3.3.3.24363 > 2.2.2.2.25: . ack 762906102 win 1460

   4: 07:29:03.153724 2.2.2.2.25 > 3.3.3.3.24363: P 762906102:762906196(94) ack 1840215283 win 64860

   5: 07:29:03.157599 3.3.3.3.24363 > 2.2.2.2.25: P 1840215283:1840215297(14) ack 762906196 win 64766

   6: 07:29:03.344052 2.2.2.2.25 > 3.3.3.3.24363: . ack 1840215297 win 64846

   7: 07:29:05.164099 2.2.2.2.25 > 3.3.3.3.24363: P 762906196:762906228(32) ack 1840215297 win 64846

   8: 07:29:05.168661 3.3.3.3.24363 > 2.2.2.2.25: P 1840215297:1840215303(6) ack 762906228 win 64734

   9: 07:29:05.168722 3.3.3.3.24363 > 2.2.2.2.25: F 1840215303:1840215303(0) ack 762906228 win 64734

  10: 07:29:05.175573 2.2.2.2.25 > 3.3.3.3.24363: . ack 1840215304 win 64840

  11: 07:29:05.175741 2.2.2.2.25 > 3.3.3.3.24363: P 762906228:762906276(48) ack 1840215304 win 64840

  12: 07:29:05.175772 2.2.2.2.25 > 3.3.3.3.24363: F 762906276:762906276(0) ack 1840215304 win 64840

  13: 07:29:05.179296 3.3.3.3.24363 > 2.2.2.2.25: R 1840215304:1840215304(0) ack 762906276 win 0

  14: 14:01:33.674754 3.3.3.3.13197 > 2.2.2.2.25: S 3161967592:3161967592(0) win 8192

My sight dont see any wrong with the flow. however emails cant be sent out from hosts.

packet trace gives allowed flow for each stage.

I also tried permitting tls under mail policy map.

Is there any other part remaining to be checked on the asa.

TIA

Message was edited by: suthomas1

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: