Port forwarding on Cisco 28xx

Unanswered Question

We have successfully set up NAT on one of our public IPs.

Internal subnet 10.0.2.x is translated to one single Public IP (from now on named: PUBLIC)

Next thing to do is that we need some specific ports to be forwarded to a specific internal IP. Is that possible without adding a new router?

We want to do this:

Incoming traffic from

PUBLIC : 1000 --> 10.0.2.10 : 1000

PUBLIC : 2000 --> 10.0.2.20 : 1000

Here is config on how the VLAN is set up now (and one more thing there: as far as I can see "access-list extended VLAN2-outbound" is not used, at least not for interface VLAN2, correct?):

interface Vlan2
 ip address 10.0.2.1 255.255.255.0
 ip access-group VLAN2-inbound in
 ip nat inside
 ip inspect OUTSIDE_OUT out
 ip virtual-reassembly
!
ip nat pool vlan2_nat_pool 10.0.1.1 10.0.1.255 netmask 255.255.255.0
ip nat inside source list 10 interface FastEthernet0/1 overload
!
ip access-list standard NAT_VLAN2
 remark SDM_ACL Category=2
 permit 10.0.2.0 0.0.0.255
!
ip access-list extended VLAN2-inbound
 remark VLAN2 to router
 remark SDM_ACL Category=1
 remark Auto generated by SDM for NTP (123) 129.240.64.3
 permit udp host 129.240.64.3 eq ntp host 10.0.2.1 eq ntp
 permit udp any any eq bootps
 permit ip 10.0.2.0 0.0.0.255 any
ip access-list extended VLAN2-outbound
 remark VLAN2 PAT inside to outside
 remark SDM_ACL Category=2
 deny ip host 10.0.2.1 any
 permit ip 10.0.2.0 0.0.0.255 any
!
logging trap debugging
access-list 10 permit 10.0.2.0 0.0.0.255

Ruben Edna
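
The post asks whether "VLAN2-outbound" is referenced anywhere. As an added example (not part of the original post and not Cisco tooling), this Python script lists every ACL defined in an excerpt of the posted config together with the commands that reference it. It assumes sub-commands are indented as IOS prints them and checks only `ip access-group` and `ip nat inside source list` references; the function names are this example's own.

```python
import re

# Excerpt of the config posted above, re-indented the way IOS prints it
# (remark lines and the NTP/bootps entries left out for brevity).
CONFIG = """\
interface Vlan2
 ip address 10.0.2.1 255.255.255.0
 ip access-group VLAN2-inbound in
 ip nat inside
 ip inspect OUTSIDE_OUT out
!
ip nat inside source list 10 interface FastEthernet0/1 overload
!
ip access-list standard NAT_VLAN2
 permit 10.0.2.0 0.0.0.255
!
ip access-list extended VLAN2-inbound
 permit ip 10.0.2.0 0.0.0.255 any
ip access-list extended VLAN2-outbound
 deny ip host 10.0.2.1 any
 permit ip 10.0.2.0 0.0.0.255 any
!
access-list 10 permit 10.0.2.0 0.0.0.255
"""

# Named ("ip access-list ...") and numbered ("access-list N ...") definitions.
DEFINE = re.compile(r"^(?:ip access-list (?:standard|extended) (\S+)|access-list (\d+) )")
# Assumption: only these two reference forms are checked; route-maps,
# "access-class" on vty lines, crypto maps etc. are outside this example.
REFER = re.compile(r"^\s*(ip access-group (\S+) (?:in|out)|ip nat inside source list (\S+) .*)$")

def acl_usage(config):
    """Map each ACL name/number to the commands that reference it."""
    usage, context = {}, "global"
    for line in config.splitlines():
        if line.startswith("interface "):
            context = line.split()[1]
        elif not line[:1].isspace():      # any other top-level line ends the interface block
            context = "global"
        d, r = DEFINE.match(line), REFER.match(line)
        if d:
            usage.setdefault(d.group(1) or d.group(2), [])
        if r:
            usage.setdefault(r.group(2) or r.group(3), []).append(f"{context}: {r.group(1)}")
    return usage

def unreferenced(config):
    """ACLs that are defined but never applied to an interface or NAT rule."""
    return sorted(name for name, refs in acl_usage(config).items() if not refs)
```

On this excerpt, `unreferenced(CONFIG)` returns `NAT_VLAN2` and `VLAN2-outbound`, while numbered list 10 is the one the overload rule references.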
