NAPT
16 years 7 months ago #26176
by ikon
Port Address Translation
Rather than have static 1 to 1 NAT whereby you assign 1 IP address on your outside network to 1 IP address on your inside network, you can use PAT (NPAT).
In the scenario where your ISP has issued you one static address, you can use PAT to allow multiple machines to connect to the internet through the 1 static IP that your ISP assigned you.
It works like this:
For each device that connects, the router/firewall will assign a high port number to that device, e.g.
Router configured with outside interface 212.49.123.48 and PAT enabled for the outside interface.
212.49.123.48:27567 <
(pc1)
212.49.123.48:27568 <
(pc2)
As a PC opens a socket to the firewall, the firewall will assign the PC packet/frame a dynamic high-range port ( like and Tracker)
The router can then work out the traffic for each device, as these connections are held in memory.
On a Cisco PIX you can use the "show xlate" command to view current PATs.
Each firewall/router will have a unique way of dealing with PAT, but the theory is the same.
One thing to remember is PAT can cause problems with multimedia applications on the web that use high port ranges.
Thanks
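The translation table described in the post above, sketched as an added example (not part of the original post and not any vendor's implementation). The inside addresses 192.168.1.10 and 192.168.1.11, the source port 51000 and the 30-second idle timeout are assumptions; the outside address and the two high ports are the ones from the post.

```python
# Added illustration of a PAT (port address translation) table; not vendor code.
from dataclasses import dataclass, field

OUTSIDE_IP = "212.49.123.48"   # outside interface address from the post
FIRST_PORT = 27567             # first dynamic port, matching the post's example
IDLE_TIMEOUT = 30              # seconds; assumed value for the demo

@dataclass
class PatTable:
    next_port: int = FIRST_PORT
    by_inside: dict = field(default_factory=dict)   # (ip, port) -> outside port
    by_outside: dict = field(default_factory=dict)  # outside port -> [(ip, port), last_seen]

    def outbound(self, src_ip, src_port, now):
        """Translate an inside socket to (OUTSIDE_IP, port), reusing a live entry."""
        key = (src_ip, src_port)
        port = self.by_inside.get(key)
        if port is None:
            port = self.next_port
            self.next_port += 1
            self.by_inside[key] = port
        self.by_outside[port] = [key, now]
        return OUTSIDE_IP, port

    def inbound(self, dst_port, now):
        """Map a reply back to the inside socket, or None if no entry exists."""
        entry = self.by_outside.get(dst_port)
        if entry is None:
            return None          # unsolicited: nothing in memory to match it to
        entry[1] = now
        return entry[0]

    def expire(self, now):
        """Drop entries idle longer than IDLE_TIMEOUT; return how many were removed."""
        stale = [p for p, (_, seen) in self.by_outside.items() if now - seen > IDLE_TIMEOUT]
        for port in stale:
            key, _ = self.by_outside.pop(port)
            del self.by_inside[key]
        return len(stale)

def demo():
    table = PatTable()
    pc1 = table.outbound("192.168.1.10", 51000, now=0)   # constructed inside host pc1
    pc2 = table.outbound("192.168.1.11", 51000, now=1)   # constructed inside host pc2
    reply = table.inbound(27568, now=2)                  # reply to pc2's connection
    unsolicited = table.inbound(40000, now=2)            # high port nobody opened
    removed = table.expire(now=31)                       # pc1 idle 31s, pc2 idle 29s
    return pc1, pc2, reply, unsolicited, removed
```

The `None` returned for port 40000 is the case behind the multimedia caveat: traffic arriving on a high port that no inside device opened has no entry to be matched against.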