why mutiple NAT/PAT session mapping

Discussion in 'Cisco' started by JJ, Jun 13, 2005.

  1. JJ

    JJ Guest

    Dear All Guru :

    Under what conditions , the PAT will have more session mapping ?

    In theory , if the client site always using the same ip and port no,
    go to the same destination ip , port ; there should be one PAT mapping
    , right ?

    lab>sho ip nat tran | inc
    udp 202.xxx.yyy.34:1024 210.xx.yy.zz:5060
    udp 202.xxx.yyy.34:1058 210.xx.yy.zz:5060

    client , port 5060 unchanged
    destination 210.xx.yy.zz , port 5060 unchanged

    ps: the NAT device is Cisco Router IOS NAT
    Cisco Internetwork Operating System Software
    IOS (tm) 3600 Software (C3620-IK9O3S6-M), Version 12.3(5a), RELEASE
    SOFTWARE (fc1)

    Thanks for telling me any ideas
    JJ, Jun 13, 2005
    1. Advertisements

  2. JJ

    Carl Guest

    it's interesting you ask this because I do not see the point in doing
    PAT in the situation as above. I have seen issues with this when using
    SIP and CBAC (ip inspect) with a Cisco 837 in that SIP responses from
    the proxy server (to the PAT port) are denied. To overcome this I
    needed to put a static translation for port 5060 client/server. Anyone
    else seen this ??

    Carl, Jun 13, 2005
    1. Advertisements

  3. JJ

    Hansang Bae Guest

    Assuming the SOURCE port is not ephemeral, then yes. In your example
    below, the source ports are different.



    "Somehow I imagined this experience would be more rewarding" Calvin
    **************************ROT13 MY ADDRESS*************************
    Due to the volume of email that I receive, I may not not be able to
    reply to emails sent to my account. Please post a followup instead.
    Hansang Bae, Jun 16, 2005
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.