Port Forwarding on 851W Router

Unanswered Question
Dec 11th, 2007


I have setup an 851W integrated services router in my home office as an additional study tool (and superb quality wireless router) for my certification prep.

I have been able to setup all basic router settings via a combination of the SDM and using basic CLI commands.

I have a server behind the router and I would like to setup port forwarding to a specific LAN IP from the WAN IP.

Using the CLI, is it possible to setup port forwarding using several TCP/UDP ports to a single interanl LAN IP? Am I limited to only one TCP and one UDP port per LAN IP?

Thanks for any help!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
timothybrach Tue, 12/11/2007 - 16:44

Thanks for the post and link, Jorge! It would appear that the following command would work for opening up at least one port to an internal IP:

ip nat inside source static { tcp | udp }

Couldn't I simply apply this rule several times to account for all the different UDP/TCP ports that need to be opened to the internal IP?

In other words...

ip nat inside source static tcp 80 80

Then again...

ip nat inside source static udp 11180 11180

And then continue to do this until all the ports I need opened are entered?

Thank you again!

JORGE RODRIGUEZ Tue, 12/11/2007 - 17:29

It should be ok to do multiple tcp udp services for same local IP, and build the access list to allow inbound tcp/udp traffic .

e.g. fe0/0 is the ip nat outside interface in this example.

ip nat inside source static tcp 23 interface fastEthernet0/0 23

ip nat inside source static tcp 21 interface fastEthernet0/0 21

ip nat inside source static tcp 80 interface fastEthernet0/0 80

timothybrach Sun, 01/13/2008 - 14:44

Jorge! Thanks again for your help on this topic.

I have yet another request that I'm hoping you might be able to assist me on.

If I would like to forward all traffic on all ports from my public IP to a specific LAN IP (and not go through and set each tcp/udp port), what would be the correct IOS command?

I tried the following where:

Public IP:

Private IP:



ip nat inside source static

All that did was effectively shut down my internet connection on the server I am trying to forward traffic to. You might be able to explain why the command I entered did this, but I'm not quite sure why.

Again, I am simply trying to forward any outside traffic via all available ports to a single, private LAN IP (ie. a game server) and not setup each specific UDP/TCP ports.

Thank you very much for any guidance! --Tim


This Discussion