I have a PIX 515e and when I do a show xlate I see the outside "destination" IP address and the natted address with port numbers. My question is how do I correlate the natted address with port numbers to an inside user's IP address?
I had to reread this a couple of times to fully understand the intent.
XLATE refers to PAT (Global) so what you are seeing is the PIX box creating internal port maps to internal port maps. There's little to correlate other than there is a reassignment. Meaning I don't know of any way or need to try to manipulate the port translation.
Could you be a bit more specific as to what you're trying to accomplish?
PAT Global 18.104.22.168 (36505) Local 192.168.1.1(2441)
PAT Global 22.214.171.124 (36504) Local 192.168.1.1(1028)
the first two entries indicate that these private IPs have static NAT configured. since it is static, there is no port number associated.
the bottom two entries have the keyword PAT, which indicates that these are patted by the PIX. e.g. the original port is 2441 and it is being translated to 36505. the port shown here is the source port, not the destination port.
further, you may do "sh conn" to obtain more detail such as the destination port etc.
UDP out 126.96.36.199:53 in 192.168.233.52:1028 idle 0:00:20 flags d
as you can see, this output has the original IP and port, which maps to the last entry of the previous output.
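The correlation described in this reply, as an added example that is not part of the original thread: it parses "show xlate" PAT lines and "show conn" lines in the two formats quoted above and joins them on the inside IP and source port, so a global PAT port can be traced to an inside host and its destination. The function names and the sample output (documentation addresses) are constructed for illustration.

```python
import re

# Patterns follow the two line formats quoted in the thread; whitespace before
# the parenthesised port is optional because the pasted output varies.
XLATE_RE = re.compile(
    r"PAT\s+Global\s+(?P<gip>\d+(?:\.\d+){3})\s*\((?P<gport>\d+)\)\s+"
    r"Local\s+(?P<lip>\d+(?:\.\d+){3})\s*\((?P<lport>\d+)\)")
CONN_RE = re.compile(
    r"(?P<proto>TCP|UDP)\s+out\s+(?P<oip>\d+(?:\.\d+){3}):(?P<oport>\d+)\s+"
    r"in\s+(?P<iip>\d+(?:\.\d+){3}):(?P<iport>\d+)")

def parse_xlate(text):
    """Map (global_ip, global_port) -> (inside_ip, inside_source_port)."""
    return {(m["gip"], int(m["gport"])): (m["lip"], int(m["lport"]))
            for m in XLATE_RE.finditer(text)}

def parse_conn(text):
    """Map (inside_ip, inside_source_port) -> list of (proto, dest_ip, dest_port)."""
    conns = {}
    for m in CONN_RE.finditer(text):
        key = (m["iip"], int(m["iport"]))
        conns.setdefault(key, []).append((m["proto"], m["oip"], int(m["oport"])))
    return conns

def correlate(xlate_text, conn_text):
    """Join both tables on the inside ip:port; static (non-PAT) lines are skipped."""
    conns = parse_conn(conn_text)
    rows = []
    for (gip, gport), inside in sorted(parse_xlate(xlate_text).items()):
        # A PAT entry with no matching connection still yields a row (dest None).
        for proto, dip, dport in conns.get(inside, [(None, None, None)]):
            rows.append({"global": f"{gip}:{gport}", "inside": "%s:%d" % inside,
                         "proto": proto, "dest": f"{dip}:{dport}" if dip else None})
    return rows

# Constructed sample output (documentation addresses, not from the thread).
SAMPLE_XLATE = """\
Global 203.0.113.20 Local 192.168.1.20
PAT Global 203.0.113.10 (36505) Local 192.168.1.1(2441)
PAT Global 203.0.113.10(36504) Local 192.168.1.1(1028)
"""
SAMPLE_CONN = """\
UDP out 198.51.100.53:53 in 192.168.1.1:1028 idle 0:00:20 flags d
TCP out 198.51.100.80:80 in 192.168.1.1:2441 idle 0:00:05 flags UIO
"""

if __name__ == "__main__":
    for row in correlate(SAMPLE_XLATE, SAMPLE_CONN):
        print(row)
```

Both commands show only the current state of the tables, so the two outputs need to be captured at the same time for the join to be meaningful.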