Multi-Tech Systems RF660 User Manual
Page 144
Appendix A – Disposition of Events
Multi-Tech Systems, Inc. RouteFinderVPN RF760/660/600VPN User Guide (PN S000323D)
144
Inbound Access (DNAT with Connection Tracking)
Figure 3
–
Inbound Access (DNAT with Connection Tracking)
Description of Figure 3
The Access request originated from the source (204.26.122.9) to the destination (204.54.39.103), which is further
DNATTED to the ip-address 192.168.1.76 on port 20:21.
The above figure illustrates a capture of the FTP service.
•
Slno 1, in the above snapshot corresponds to the control connection (Remarks in the second half of the snapshot
is a continuation of the capture).
Remarks:
“
Inbound Accepted
DNAT ip:port = 192.168.1.76:20:21
”
Src: 204.26.122.9, Dst: 202.54.39.103, DNATTED to 192.168.1.76 on Port 20:21.
•
Slno 2, corresponds to a PASV Data connection. (Src:204.26.122.9, destined to 202.54.39.103, which in turn is
DNATTED to 192.168.1.76 on port 62191).
Remarks:
“
Inbound Accepted
[SRC=204.26.122.9:DST=202.54.39.103:SPORT=41216:DPORT=21]
Dnat ip:port = 192.168.1.76:21
”
o
Inbound Accepted –
Inbound Log
o
[SRC=204.26.122.9:DST=202.54.39.103:SPORT=41216:DPORT=21]
– This corresponds to the
“CONTROL connection information” for this data connection.
o
Dnat ip:port = 192.168.1.76:21
” – This corresponds to the “CONTROL connection’s DNATTED
ipaddress” for this data connection.
•
Slno 3, corresponds to the ACTIVE Data connection originated from 192.168.1.76 (on SRC-PORT 20), which is
masqueraded to a SRC:202.54.39.103 at the WAN interface of the candidate firewall, destined to 204.26.122.9.
Remarks:
“
Inbound Accepted
[SRC=204.26.122.9:DST=202.54.39.103:SPORT=41216:DPORT=21]
Dnat ip:port = 192.168.1.76:21
”
o
Inbound Accepted –
Inbound Log
o
[SRC=204.26.122.9:DST=202.54.39.103:SPORT=41216:DPORT=21]
– This corresponds to the
“CONTROL connection information” for this data connection.
o
Dnat ip:port = 192.168.1.76:21
” – This corresponds to the “CONTROL connection’s DNATTED
ipaddress” for this data connection.