Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
536
Views
0
Helpful
5
Replies

Port forwarding using NAT ?

smvoicerite
Level 1
Level 1

‎03-12-2008 04:10 AM - edited ‎03-03-2019 09:05 PM

Hi,

I have a range of ip address, and have all my LANs nat'ed to a single IP address.

All this works fine.

Now I want to add a static entry, to port forward SMTP arriving on my public IP address to an internal server.

(The outgoing traffic from the internal server normally gets nat'ed as with the rest of the lan to x.x.x.114)

I add an entry like

ip nat inside source static tcp x.x.x.118 25 192.168.1.9 25

I see the static translation in the sh ip nat translations.

However, when I try and telnet to port 25 of the public IP address x.x.x.118, I get a connection refused.

I have disabled ACLs for that address range, and have tested telneting from the router to the target server, specifying the external IP address as the source and it works.

I also have another server, which is completely staticly nat'ed to an external IP address, (with no tcp/udp ports) and that works fine.

However, I dont want to staticly nat 192.168.1.9 for all ports. Just for SMTP.

Any ideas what I may be doing wrong ?

Thanks

Labels:
0 Helpful
5 Replies 5

maxmarschall
Level 1
Level 1

‎03-12-2008 06:13 AM

You should configure "ip nat inside" and "ip nat outside" on your interfaces. But I think you're finished with this step, aren't you?

0 Helpful

smvoicerite
Level 1
Level 1
In response to maxmarschall

‎03-12-2008 06:17 AM

Actually I later realised that the remote system I was testing from, had some firewall that I was not aware of.

After testing over the internet from another PC, it worked fine !

Thanks

0 Helpful

james.leavers
Level 1
Level 1

‎05-20-2008 12:09 AM

Assuming x.x.x.118 is your global address - don't you have the addresses the wrong way round?

(config)#ip nat inside source static tcp ?

A.B.C.D Inside local IP address

(config)#ip nat inside source static tcp 1.1.1.1 25 ?

A.B.C.D Inside global IP address

interface Specify interface for global address

0 Helpful

shahedvoicerite
Level 1
Level 1
In response to james.leavers

‎05-20-2008 12:22 AM

yes, you are right. It was a typo on my part in the post.

I did get it to work fine later :-)

Thanks

0 Helpful

jamesl0112
Level 1
Level 1
In response to shahedvoicerite

‎05-21-2008 07:50 AM

I came across the post while searching for something else, and didn't notice there had already been some replies... ah well.

Congratulations on the fix anyway!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card