Table of Contents
Advertisement
Command Reference Guide
ip firewall nat-preserve-source-port
Use the ip firewall nat-preserve-source-port command to enable the firewall to preserve the source port
of a Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) session for traffic going
through source network address translation (NAT). By enabling this feature, the router will try to allocate
NAT ports that match the original source ports of the traffic. If the source port is already allocated for a
different traffic flow, it will choose the next available source port. Use the no form of this command to
disable this feature. Variations of this command include the following:
ip firewall nat-preserve-source-port
ip firewall nat-preserve-source-port record-source-address
The AOS firewall must be enabled (using the command
stateful inspection firewall to be activated.
Syntax Description
record-source-address
Default Values
By default, the nat-preserve-source-port feature is enabled.
Command History
Release 14.1
Functional Notes
Specifying record-source-address consumes 250 k of memory per public NAT IP address. Be sure there
is adequate memory available before enabling this feature.
Usage Examples
The following example enables nat-preserve-source-port:
(config)#ip firewall nat-preserve-source-port
60000CRG0-35E
Optional. Specifies that the original source port be preserved for multiple
TCP/UDP traffic flows with the same source address.
Command was introduced.
Copyright © 2012 ADTRAN, Inc.
Global Configuration Mode Command Set
ip firewall on page
999) for the
1015
Advertisement
Table of Contents
