Newell Ryan D SrA 18 CS/SCBT wrote: > > Never mind. I figured it out. Just had to write the problem out > in an email > to get my mind working. > When I was capturing data the SYN/ACK source port would change > from 1-6. > That made me thank about how overloading works. The interface > was configured > as an outside interface. The overload IP was the IP of the > interface I was > attempting to telnet to. That's why layer 3 looked okay. But > layer 4 threw > me off. When my reply packets got subjected to the NAT > translation process > the router would change the source port according to the number > of entires > it had. That is why it would change from 1-6. Sorry for sending > this in. I > should of thought about it a little bit more :-(
Good one. Thanks for sending it in! Did you get an analyzer trace? It would be great for a training class. :-) Priscilla > > > -----Original Message----- > From: Newell Ryan D SrA 18 CS/SCBT > Sent: Thursday, January 23, 2003 7:51 PM > To: '[EMAIL PROTECTED]' > Subject: Telnet SYN/ACK pkt reply on TCP source port 3-6!!?? > > I tried to telnet to a distant end 3660 router. Connection > would timeout. I was able to ping the router from my PC. The > router > could telnet to the router that was between my PC and > itself. Ran capture and the data yielded this.... > > IP Source 10.0.0.1 Destination 10.0.1.2 TCP SYN destination > port 23 source port 2407 > IP Source 10.0.1.2 Destination 10.0.0.1 TCP SYN/ACK > destination port 2407 source port 6 > IP Source 10.0.0.1 Destination 10.0.1.2 TCP RST destination > port 6 source port 2407 > > 10.0.0.1 is my PC and 10.0.1.2 is the distant end router. I > believe the RST bit is set on the last packet because my PC is > not listening > to that port. So it closes this connections with the RST bit. > > We got it working. But the funny thing is..... > > The user's 3660 had two interfaces. One on his LAN and one > on my LAN. He was using NAT. He had ip nat outside on both > interfaces. The > inside interface was suppose to face my LAN. Once we removed > NAT from the > interface facing my LAN, I could telnet to that interface. The > NAT string > told the router to overload the interface facing my LAN. > > I understand that removing the misconfiguration fixed my > first problem but why? > > - > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=61692&t=61661 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
