Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

PAT with PIX (6.2)

Hi,

I am using PAT with PIX firewall. I have observed that PIX translates the source port number (for the packet from inside host) to a port number less than 1023 (well known port numbers), while sending it to outside world.

1. Is there a way to configure PIX (using PAT) to choose port number greater than 1023 for translation?

2. OR Keep the source port number the same as was from the original host ?

Regards \\ Naman

1 REPLY
Cisco Employee

Re: PAT with PIX (6.2)

The PIX wil translate the source port as follows (no way to change it):

- If the source port is TCP/UDP 1-511, then the PIX will PAT the SRC address to one in that range.

- If the source port is TCP/UDP 512-1023, then the PIX will PAT the SRC address to one in that range.

- If the source port is TCP/UDP 1024-65535, then the PIX will PAT the SRC address to one in that range.

The only way to make sure the PIX uses a number greater than 1023, is to make the originating host use a source port greater than 1023.

92
Views
0
Helpful
1
Replies
CreatePlease to create content