
NAT and Nonstandard FTP Port Numbers

When using FTP, the arguments to the FTP PORT command include an IP address embedded in the data stream. To accommodate this, Cisco routers recognize port 21 and replace the embedded address with the new translated address, recomputing the necessary checksums. A problem arises when FTP uses nonstandard port numbers: NAT cannot recognize the data stream as an FTP request, so it passes the packet along without the necessary modifications. The request then fails when it reaches the host, because the address in the payload differs from the address in the IP header.

In Cisco IOS Software Release 11.3(3) and Cisco IOS Software Release 11.2(13), Cisco introduced the capability to use nonstandard TCP port numbers for FTP. The command ip nat service list [1-100] ftp tcp port xxxx calls an access list of the networks to be translated and then looks for FTP packets operating on port xxxx. If the router finds a match, it makes the necessary changes to that packet for FTP to operate.
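
The behavior described above, as an added example that is not from the book and is not Cisco's implementation: a simplified Python model of NAT handling an outbound FTP control segment. The addresses, the port 2021, the function names, and the ftp_ports parameter (standing in for the ports the router has been told to treat as FTP) are assumptions made for illustration.

```python
import re

# RFC 959 PORT argument: h1,h2,h3,h4,p1,p2 (IP octets, then port = p1*256 + p2)
PORT_RE = re.compile(rb"PORT (\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\r\n")

# Constructed sample data: one static translation and one control-channel segment.
NAT_TABLE = {"10.1.1.5": "203.0.113.10"}
SAMPLE = {"src": "10.1.1.5", "dst_port": 21, "payload": b"PORT 10,1,1,5,4,1\r\n"}

def parse_port(line):
    """Return (ip, port) from a PORT command line, or None if it is not one."""
    m = PORT_RE.fullmatch(line)
    if not m:
        return None
    n = [int(x) for x in m.groups()]
    if any(v > 255 for v in n):
        return None
    return ".".join(map(str, n[:4])), n[4] * 256 + n[5]

def translate(packet, nat_table, ftp_ports=frozenset({21})):
    """Translate the header always; rewrite the payload only on known FTP ports.
    Returns (new_packet, length_delta)."""
    out = dict(packet)
    out["src"] = nat_table.get(packet["src"], packet["src"])
    delta = 0
    if packet["dst_port"] in ftp_ports:
        parsed = parse_port(packet["payload"])
        if parsed and parsed[0] in nat_table:
            ip, port = parsed
            new = "PORT %s,%d,%d\r\n" % (nat_table[ip].replace(".", ","), port >> 8, port & 0xFF)
            out["payload"] = new.encode("ascii")
            # A changed length means TCP sequence/ack numbers must be offset
            # for the rest of the session, in addition to the new checksums.
            delta = len(out["payload"]) - len(packet["payload"])
    return out, delta

def payload_matches_header(packet):
    """True when the address inside PORT equals the IP header source address."""
    parsed = parse_port(packet["payload"])
    return parsed is not None and parsed[0] == packet["src"]

if __name__ == "__main__":
    nonstandard = dict(SAMPLE, dst_port=2021)
    for label, pkt, ports in [("port 21", SAMPLE, {21}),
                              ("port 2021, unrecognized", nonstandard, {21}),
                              ("port 2021, configured", nonstandard, {21, 2021})]:
        out, delta = translate(pkt, NAT_TABLE, frozenset(ports))
        print(label, out["payload"], "consistent:", payload_matches_header(out), "delta:", delta)
```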



CCIE Practical Studies, Volume I
ISBN: 1587200023
Year: 2001
Pages: 283
Authors: Karl Solie
