[CLUE-Tech] NAT on a Cisco 678.
David Anselmi
anselmi at americanisp.net
Mon Jul 1 21:40:53 MDT 2002
The talk today about DSL reminds me to ask this (since Frank Whiteley
seems to know everything about it :-)
When I do 'show nat' to see my translations, I see:
Local IP : Port Global IP : Port Timer Proto Interface
10.0.0.2:1072 192.243.4.107:10556 120 tcp eth0 wan0-0
So I'm only seeing the source side of the connection, not the
destination. If this is all there is in the nat table, does that mean
that any incoming packets to port 10556 will be passed to 1072 on my
internal machine?
Not that it matters, unless my machine happens to be listening on the
same port it's connecting on (possible but unlikely). Just trying to
understand how secure nat is. I haven't heard of any ways to break into
it, but I don't follow security much anymore.
Dave
More information about the clue-tech
mailing list