After I configured NAT overload as follows:
int f 0/0
desc *** Inside Interface - Private Address ***
ip address 10.10.10.1 255.255.255.0
ip nat inside
int s 0/0
desc *** Outside Interface - Public Address ***
ip address 18.104.22.168 255.255.255.252
ip nat outside
ip route 0.0.0.0 0.0.0.0 22.214.171.124
access-list 100 permit ip 10.10.10.0 0.0.0.255 any
ip nat inside source list 100 interface s0/0 overload
No external host can telnet to its IP address 126.96.36.199. It seems like the router changes the destination TCP port to some other port numbers. Is this normal behavior of NAT overload?
To work around the issue, I added the following static nat command:
ip nat inside source static tcp 188.8.131.52 23 interface s0/0 23
It seems to work, i.e. the router PATs internal source addresses to 184.108.40.206 like usual, and also external host can now telnet to IP address 220.127.116.11.
Can anyone verify this is the correct workaround?