Where the PAT (Port Address Translation) can be configured

mipecAG Posts: 2
edited April 2021 in Security
Hi,
We have a strange behaviour: outgoing ports are translated to very low port numbers (1040). The standard says the PAT should be port+1, so how come we see the dynamic ports 49152..65535 translated to 10xx? We do not know if such low numbers could be suppressed anywhere (as we are having problems); I'd like to move them to 32769+...
Is there a statistic of the size of the NAT/PAT table, and can it be logged in the syslog, probably along with the actual value of the translated port?

Regards

Ralph

All Replies

  • Zyxel_Jeff Posts: 1,247  Zyxel Employee

    Hi @mipecAG

    Theoretically, the USG will dynamically assign an unoccupied port when doing NAPT, and we can't configure a specific range for the dynamic ports.

    According to your situation, there are some points we need to clarify:

    (1). Which USG model and firmware version are you using now?

    (2). Does this phenomenon appear often?

    (3). What kind of host action leads to this phenomenon?

    (4). If the dynamic port changes to 1040 or 10xx for a while, will it change back to the higher range 49152..65535 again?

    You can refer to the following tutorial link on using a USB drive to log the traffic syslog.

    That will help you check the dynamic port numbers of historical traffic.

    https://community.zyxel.com/en/discussion/4134/log-and-backup-to-usb

    Select the Network category.

    The traffic log will then be logged.



    Thanks.



  • PeterUK Posts: 3,459  Guru Member

    Are you talking about the source port for outgoing connections? The USG will try not to change the source port when sending out on the WAN.

    Your ISP might be changing the source port?

    If you do a packet capture in the USG for LAN and WAN, load up some pages, then compare the source port before and after NAT.
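PeterUK's before/after comparison, done over exported flow rows instead of by eye. This is an added example, not code from this thread or from Zyxel: the tshark command and field names in the header comment are an assumed way to produce the rows, and the two capture tables are constructed sample data, not a real USG capture. It matches each outgoing SYN seen on the LAN side with the same SYN on the WAN side and reports whether the source port was preserved, moved to another ephemeral port, or moved into a low range such as the 10xx ports in the question.

```python
# Added example, not from the Zyxel thread: compare the source port of each
# outgoing TCP SYN seen on the LAN side with the same SYN seen on the WAN
# side, to tell whether the USG (or something upstream of it) rewrote it.
#
# Assumed input format: one flow per line, as you could export from the two
# captures with tshark, e.g.
#   tshark -r lan.pcap -Y "tcp.flags.syn==1 && tcp.flags.ack==0" \
#       -T fields -E separator=, -e ip.src -e tcp.srcport -e ip.dst \
#       -e tcp.dstport -e tcp.seq_raw
# The rows below are constructed sample data, not a real capture.
from collections import Counter, namedtuple

Flow = namedtuple("Flow", "src_ip src_port dst_ip dst_port isn")

# IANA dynamic/private port range, which is what the original poster expected.
EPHEMERAL_LOW, EPHEMERAL_HIGH = 49152, 65535

# Constructed LAN-side SYNs: two hosts happen to use the same source port
# (49152) to different destinations, one host uses a higher port, and the
# last flow never shows up on the WAN at all.
LAN_CSV = """\
192.168.1.10,49152,203.0.113.10,443,3221225472
192.168.1.10,49153,203.0.113.10,80,3221225473
192.168.1.11,49152,203.0.113.20,443,3221225474
192.168.1.12,52000,198.51.100.7,22,3221225475
192.168.1.13,50000,203.0.113.30,443,3221225476
"""

# Constructed WAN-side SYNs after NAT (WAN address 192.0.2.1).
WAN_CSV = """\
192.0.2.1,49152,203.0.113.10,443,3221225472
192.0.2.1,1040,203.0.113.10,80,3221225473
192.0.2.1,49152,203.0.113.20,443,3221225474
192.0.2.1,60001,198.51.100.7,22,3221225475
"""


def parse_rows(text):
    """Parse comma-separated flow rows into Flow records, skipping blank lines."""
    flows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        src_ip, src_port, dst_ip, dst_port, isn = line.split(",")
        flows.append(Flow(src_ip, int(src_port), dst_ip, int(dst_port), int(isn)))
    return flows


def flow_key(flow):
    # Plain NAPT rewrites only the source address and port, so the destination
    # plus the client's initial sequence number identifies the same SYN on both
    # sides. If the firewall randomises TCP sequence numbers this key will not
    # match; key on (dst_ip, dst_port, capture timestamp) instead.
    return (flow.dst_ip, flow.dst_port, flow.isn)


def match_flows(lan_flows, wan_flows):
    """Return (lan_flow, wan_flow) pairs for SYNs seen on both sides."""
    wan_by_key = {flow_key(f): f for f in wan_flows}
    return [(f, wan_by_key[flow_key(f)]) for f in lan_flows if flow_key(f) in wan_by_key]


def unmatched(lan_flows, wan_flows):
    """LAN SYNs that never appeared on the WAN (dropped, or routed elsewhere)."""
    wan_keys = {flow_key(f) for f in wan_flows}
    return [f for f in lan_flows if flow_key(f) not in wan_keys]


def classify(lan_port, wan_port):
    """Describe what happened to one source port across the NAT."""
    if lan_port == wan_port:
        return "preserved"
    if EPHEMERAL_LOW <= wan_port <= EPHEMERAL_HIGH:
        return "translated-ephemeral"
    if wan_port < 1024:
        return "translated-privileged"
    return "translated-low"  # 1024..49151, e.g. the 10xx ports in the question


def summarize(pairs):
    """Count translation outcomes over the matched pairs."""
    return Counter(classify(l.src_port, w.src_port) for l, w in pairs)


def report(lan_csv=LAN_CSV, wan_csv=WAN_CSV):
    """Print one line per matched SYN and return the outcome counts."""
    lan, wan = parse_rows(lan_csv), parse_rows(wan_csv)
    pairs = match_flows(lan, wan)
    for l, w in pairs:
        print(f"{l.src_ip}:{l.src_port} -> {w.src_ip}:{w.src_port} "
              f"to {l.dst_ip}:{l.dst_port}  [{classify(l.src_port, w.src_port)}]")
    print("summary:", dict(summarize(pairs)))
    print("LAN SYNs with no WAN counterpart:", len(unmatched(lan, wan)))
    return summarize(pairs)


if __name__ == "__main__":
    report()
```

Run it against rows exported from the USG's own LAN and WAN captures. If the low ports already appear in the WAN-side capture, the USG is doing the rewrite; if the WAN-side port is still the LAN-side port and only the far end sees something else, the change is upstream, which is the ISP case PeterUK raises. The sample deliberately includes two LAN hosts using the same source port to different destinations, which a NAPT can pass through unchanged because the full five-tuple still differs.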

