ip nat ports

I'm in packet tracer and I got nat to work with webpages. When I look at the translations, the computers have the same port numbers. But when I was looking at the second and the last address on the list there are different ports between the inside global and local. Why is that? I thought they had to have the same port number in order to know what computer to send the information to.

zero#sh ip nat tr
Pro Inside global Inside local Outside local Outside global
tcp 192.168.10.1:1026 192.168.0.2:1026 192.168.1.2:80 192.168.1.2:80
tcp 192.168.10.1:1024 192.168.0.34:1026 192.168.1.2:80 192.168.1.2:80
tcp 192.168.10.1:1025 192.168.0.35:1025 192.168.1.2:80 192.168.1.2:80
tcp 192.168.10.1:1027 192.168.0.35:1026 192.168.1.2:80 192.168.1.2:80

Find more posts tagged with

SAVE $250 on Your CISCO Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View CISCO Boot Camps

Comments

Monkerz

The nat table tells the router what IP to send the packets to. Port numbers do not have to be the same, they are subject to availability.

jamesleecoleman

But wouldn't the port number need to be same between the inside local and inside global to send the data to the right application?

alan2308

What if two different computers tried to access the Internet using the same port number? If the port numbers had to match, the whole scheme would break here.

Monkerz

jamesleecoleman wrote: »

But wouldn't the port number need to be same between the inside local and inside global to send the data to the right application?

To answer your question, no they do not. Let me try to lay this out:

Lets say the hosts using 192.168.10.5 and 192.168.10.6 want to access the Cisco homepage (198.133.219.25). They would both send a request to 198.133.219.25:80. The PC would randomly select ports that will direct traffic to the certain applications requesting it, in this case IE. This is what those requests would look like:

Host (192.168.10.5)
Source 192.168.10.5:4444 Destination 198.133.219.25:80

Host (192.168.10.6)
Source 192.168.10.6:1246 Destination 198.133.219.25:80

The router receives the requests and NATs the 192.168.10.0/24 IPs to 66.11.33.129, but both ports 4444 and 1246 have been used by other hosts. The router then randomly selects two available ports (2545 and 3111) and adds the translations to the NAT table:

Inside local
Inside Global
Outside local
Outside Global
192.168.10.5:4444 --66.11.33.129:2545--198.133.219.25:80--198.133.219.25:80

192.168.10.6:1246 --66.11.33.129:3111--198.133.219.25:80--198.133.219.25:80

The packets leave the router looking like this:

Host (192.168.10.5)
Source 66.11.33.129:2545 Destination 198.133.219.25:80

Host (192.168.10.6)
Source 66.11.33.129:3111 Destination 198.133.219.25:80

The Cisco server gets the packets. Creates replies, attaches the requested data and sends them back to the Inside Global Address. The packets look like this:

Host (192.168.10.5)
Source 198.133.219.25:80 Destination 66.11.33.129:2545

Host (192.168.10.6)
Source 198.133.219.25:80 Destination 66.11.33.129:3111

The router receives these packets and translates them to inside local addresses that are in the NAT table:

Host (192.168.10.5)
Source 198.133.219.25:80 Destination 192.168.10.5:4444

Host (192.168.10.6)
Source 198.133.219.25:80 Destination 192.168.10.6:1246

Hope this helps...

jamesleecoleman

Wow, thanks monkerz!