packet showing up on port 0 when I telnet to port 80?



I have a GNS3 LAB with 3 routers.

I am trying to do a reversible NAT for several thousands of ports to
the server (R1) for this purpose.
I try to telnet from R3 to R1 on any port (let's say 80 in this
instance).
I have an ACL (outside-in) set up on the interface of R2 to log the
traffic, and I see that a packet goes through on port "0".

Why do we have a packet showing up on port 0 when I telnet to port 80?
!
!
R2#ip nat inside source static 1.1.1.1 63.175.69.29 route-map inbound reversible
route-map inbound permit 10
match ip address nat
!
route-map inbound deny 20
!
ip access-list extended nat
permit tcp any eq www any
permit tcp any range 60000 64999 any log
deny tcp any any log
!
!
R3# telnet 63.175.69.29 80
!(unless the ACL has permit any any, I get rejected, (Below))
R2#
*Mar 1 00:44:35.771: %SEC-6-IPACCESSLOGP: list outside-in permitted tcp 34.34.34.4(0) -> 63.175.69.29(0), 1 packet
R2#
R2#
*Mar 1 01:48:26.051: NAT(acl): name nat failed

When coming from inside, the nat works, and the first packet shows the
correct port.
R2#*Mar 1 00:57:02.879: %SEC-6-IPACCESSLOGP: list nat permitted tcp 1.1.1.1(61804) -> 3.3.3.3(80), 1 packet

When coming from outside, the nat doesn't work, I think because the
first packet shows the incorrect port (0).
R3#telnet 63.175.69.29 80 /source Loopback0
R2(config-ext-nacl)#*Mar 1 00:49:32.051: %SEC-6-IPACCESSLOGP: list nat permitted tcp 1.1.1.1(0) -> 3.3.3.3(0), 1 packet

Thanks,
Crzzy1
