Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1220
Views
4
Helpful
4
Replies

Port Forwarding on 851W Router

timothybrach
Level 1
Level 1

‎12-11-2007 02:43 PM - edited ‎03-03-2019 07:53 PM

Hello!

I have setup an 851W integrated services router in my home office as an additional study tool (and superb quality wireless router) for my certification prep.

I have been able to setup all basic router settings via a combination of the SDM and using basic CLI commands.

I have a server behind the router and I would like to setup port forwarding to a specific LAN IP from the WAN IP.

Using the CLI, is it possible to setup port forwarding using several TCP/UDP ports to a single interanl LAN IP? Am I limited to only one TCP and one UDP port per LAN IP?

Thanks for any help!

Labels:
0 Helpful
4 Replies 4

JORGE RODRIGUEZ
Level 10
Level 10

‎12-11-2007 04:17 PM

Tim, I have not worked with 800 series routers however, your requirements should be feasable through NAT, go over this link under features enhenments , it would be a matter to build a configuration and access list for your reuiqrements.

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a0080091cb9.shtml

HTH

Jorge

pls rate helpful posts !

Jorge Rodriguez

timothybrach
Level 1
Level 1
In response to JORGE RODRIGUEZ

‎12-11-2007 04:44 PM

Thanks for the post and link, Jorge! It would appear that the following command would work for opening up at least one port to an internal IP:

ip nat inside source static { tcp | udp }

Couldn't I simply apply this rule several times to account for all the different UDP/TCP ports that need to be opened to the internal IP?

In other words...

ip nat inside source static tcp 80 80

Then again...

ip nat inside source static udp 11180 11180

And then continue to do this until all the ports I need opened are entered?

Thank you again!

0 Helpful

JORGE RODRIGUEZ
Level 10
Level 10
In response to timothybrach

‎12-11-2007 05:29 PM

It should be ok to do multiple tcp udp services for same local IP, and build the access list to allow inbound tcp/udp traffic .

e.g. fe0/0 is the ip nat outside interface in this example.

ip nat inside source static tcp 10.10.10.1 23 interface fastEthernet0/0 23

ip nat inside source static tcp 10.10.10.1 21 interface fastEthernet0/0 21

ip nat inside source static tcp 10.10.10.1 80 interface fastEthernet0/0 80

Jorge Rodriguez
0 Helpful

timothybrach
Level 1
Level 1
In response to JORGE RODRIGUEZ

‎01-13-2008 02:44 PM

Jorge! Thanks again for your help on this topic.

I have yet another request that I'm hoping you might be able to assist me on.

If I would like to forward all traffic on all ports from my public IP to a specific LAN IP (and not go through and set each tcp/udp port), what would be the correct IOS command?

I tried the following where:

Public IP: 172.11.2.1

Private IP: 172.11.2.4

enable

config

ip nat inside source static 172.11.2.4 172.11.2.1

All that did was effectively shut down my internet connection on the server I am trying to forward traffic to. You might be able to explain why the command I entered did this, but I'm not quite sure why.

Again, I am simply trying to forward any outside traffic via all available ports to a single, private LAN IP (ie. a game server) and not setup each specific UDP/TCP ports.

Thank you very much for any guidance! --Tim

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card