ip nat translation port-timeout -- WHICH port?

Discussion in 'Cisco' started by Jon.R.Kibler, Jul 30, 2008.

  1. Jon.R.Kibler

    Jon.R.Kibler Guest


    A question about port-timeout: Which port does this refer to, the
    inside or outside port.

    For example:
    ip nat translation port-timeout udp 123 30

    Is this the 123/udp on the inside or outside network?

    Jon K
    Jon.R.Kibler, Jul 30, 2008
  2. Jon.R.Kibler

    News Reader Guest


    I suspect that it would influence any translation referencing the port
    number (inside global, inside local, outside local, outside global).

    Consider HTTP translations rather than NTP, because the client and
    server ports would differ with HTTP.

    Compare a translation for an outbound connection to an Internet-based
    Web server, and another translation for an inbound connection to a web
    server within your organization.

    In one instance it is the outside local and outside global addresses
    listening on port 80, and for the other it is the inside global and
    inside local addresses listening on port 80.

    Presumably, you would expect/want both translations to be influenced by
    your NAT translation port-timeout configuration. If not, you'd have to
    settle for a generic TCP timeout, or configure a timeout for all
    possible client ports for one of the two scenarios.

    Once connection initiation triggers the translation, I would expect
    traffic in either direction would reset the timer.

    Best Regards,
    News Reader
    News Reader, Jul 30, 2008
