Static PAT is a very efficient way to utilize valuable public IP addresses. Static PAT is configured very similarly to static NAT, but as the name implies, it also provides the capability to translate based on the port number. For example, a single outside (global) IP address could be mapped to multiple inside (real) addresses using a port map.
The following commands use a single outside address (192.168.18.55) that clients can access; based on the port number accessed, it will redirect the connection to a variety of inside devices. A client can telnet to 192.168.18.55 on port 2023 and access the inside device 172.16.18.21, or telnet to 192.168.18.55 on port 3023 and access the inside device 172.16.18.253. Last, a client can open a web connection to 192.168.18.55 and access 172.16.18.83 on the inside.

FWSM(config)# static (INSIDE,OUTSIDE) tcp 192.168.18.55 2023 172.16.18.21 telnet netmask 255.255.255.255
FWSM(config)# static (INSIDE,OUTSIDE) tcp 192.168.18.55 3023 172.16.18.253 telnet netmask 255.255.255.255
FWSM(config)# static (INSIDE,OUTSIDE) tcp 192.168.18.55 www 172.16.18.83 www netmask 255.255.255.255
Figure 4-5 shows an example of three clients on the outside of the FWSM connecting to three hosts on the inside of the FWSM. All the hosts are sharing a single IP address (PAT) and all are offering services.
Client 1 connects to Host 1 using Telnet:
Step 1 The client initiates a Telnet connection to the translated IP address of 192.168.18.55 using a destination port of 2023.
Step 2 The FWSM receives a packet from the client with a destination IP address of 192.168.18.55 and destination port of 2023. The FWSM changes the destination IP address to 172.16.18.21, the destination port number to 23 (Telnet), and changes the source port number to a value assigned by the FWSM. In this example, the port number assigned is 1114.
Step 3 The FWSM creates an entry in its local connection table and forwards that packet out the inside interface.
Step 4 The host receives the packet and responds to the original client’s IP address of 192.168.18.48 with a destination port of 1114.
Network Address Translation/Port Address Translation 65
Step 5 The FWSM receives the packet and modifies the source IP address to 192.168.18.55 (the translated address), the destination port number to 1024, and the source port number to 2023, according to the information stored in the connection table.
Step 6 The FWSM sends the packet out the outside interface to the client.
Client 2 connects to Host 2 using Telnet:
Step 1 The client initiates a Telnet connection to the translated IP address of 192.168.18.55 using a destination port of 3023.
Step 2 The FWSM receives a packet from the client with a destination IP address of 192.168.18.55 and destination port of 3023. The FWSM changes the destination IP address to 172.16.18.253, the destination port number to 23 (Telnet), and changes the source port number to a value assigned by the FWSM. In this example, the port number assigned is 1167.
Step 3 The FWSM creates an entry in its local connection table and forwards that packet out the inside interface.
Step 4 The host receives the packet and responds to the original client’s IP address of 192.168.18.83 with a destination port of 1167.
Step 5 The FWSM receives the packet and modifies the source IP address to 192.168.18.55 (the translated address), the destination port number to 1024, and the source port number to 3023, according to the information stored in the connection table.
Step 6 The FWSM sends the packet out the outside interface to the client.
Client 3 connects to Host 3 using WWW:
Step 1 The client opens a browser and enters the IP address of 192.168.18.55 (the translated address) using a destination port of 80 by default.
Step 2 The FWSM receives a packet from the client with a destination IP address of 192.168.18.55 and destination port of 80. The FWSM changes the destination IP address to 172.16.18.83, leaves the destination port number unchanged, and changes the source port number to a value assigned by the FWSM. In this example, the port number assigned is 1143.
Step 3 The FWSM creates an entry in its local connection table and forwards that packet out the inside interface.
Step 4 The host receives the packet and responds to the original client’s IP address of 192.168.18.99 with a destination port of 1143.
Step 5 The FWSM receives the packet and modifies the source IP address to 192.168.18.55 (the translated address) and the destination port number to 1024, according to the information stored in the connection table.
Step 6 The FWSM sends the packet out the outside interface to the client.
Although multiple devices on the inside provide services using the same IP address on the outside, the FWSM distinguishes between them by the specific port numbers. This is another good use of PAT: it saves Internet address space and reduces the risk to each host by allowing access to only one specific port.
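As an added illustration that is not from the book, the following Python model walks through the static PAT lookup and connection-table rewrite that Steps 1 through 6 describe, using the page's three mappings. The StaticPatTable class, its method names, and the FWSM-assigned port sequence starting at 1114 are constructed for this example; a request to a port with no static entry is dropped, which is the "only one specific port" property the paragraph above points out.

```python
from dataclasses import dataclass

# Constructed model of the page's three "static (INSIDE,OUTSIDE) tcp" entries:
# (global_ip, global_port) -> (real_ip, real_port); telnet = 23, www = 80.
STATIC_PAT = {
    ("192.168.18.55", 2023): ("172.16.18.21", 23),
    ("192.168.18.55", 3023): ("172.16.18.253", 23),
    ("192.168.18.55", 80): ("172.16.18.83", 80),
}


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class StaticPatTable:
    """Hypothetical model of the FWSM static PAT lookup plus its connection table."""

    def __init__(self, static_map, first_port=1114):
        self.static_map = static_map
        self.next_port = first_port  # FWSM-assigned source ports (constructed sequence)
        self.conns = {}              # (real_ip, real_port, fwsm_port) -> original client tuple

    def inbound(self, pkt):
        """Steps 2-3: outside client -> inside host. Returns the rewritten packet,
        or None when no static entry exists for that global address and port."""
        target = self.static_map.get((pkt.dst_ip, pkt.dst_port))
        if target is None:
            return None  # unmapped port: the FWSM does not expose it
        real_ip, real_port = target
        fwsm_port = self.next_port
        self.next_port += 1
        self.conns[(real_ip, real_port, fwsm_port)] = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        return Packet(pkt.src_ip, fwsm_port, real_ip, real_port)

    def outbound(self, pkt):
        """Step 5: inside host reply -> outside client, restored from the connection table."""
        entry = self.conns.get((pkt.src_ip, pkt.src_port, pkt.dst_port))
        if entry is None or entry[0] != pkt.dst_ip:
            return None  # no matching connection: reply is not translated
        client_ip, client_port, global_ip, global_port = entry
        return Packet(global_ip, global_port, client_ip, client_port)
```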
Figure 4-5 Static PAT (diagram; packet labels recovered from the figure)
Outside: Client 192.168.18.48, Client 192.168.18.83, Client 192.168.18.99. Inside: Host 172.16.18.21, Host 172.16.18.253, Host 172.16.18.83.
Client 1 (Telnet): Dest: 192.168.18.55 (2023) Src: 192.168.18.48 (1024); Dest: 172.16.18.21 (23) Src: 192.168.18.48 (1114); Dest: 192.168.18.48 (1114) Src: 172.16.18.21 (23); Dest: 192.168.18.48 (1024) Src: 192.168.18.55 (2023).
Client 2 (Telnet): Dest: 192.168.18.55 (3023) Src: 192.168.18.83 (1024); Dest: 172.16.18.253 (23) Src: 192.168.18.83 (1167); Dest: 192.168.18.83 (1167) Src: 172.16.18.253 (23); Dest: 192.168.18.83 (1024) Src: 192.168.18.55 (2023).
Client 3 (WWW): Dest: 192.168.18.55 (80) Src: 192.168.18.99 (1024); Dest: 172.16.18.83 (80) Src: 192.168.18.99 (1143); Dest: 192.168.18.99 (1143) Src: 172.16.18.83 (80); Dest: 192.168.18.99 (1024) Src: 192.168.18.55 (80).