Can I take a Cisco 851w and create a DMZ Host?

Unanswered Question
Jun 3rd, 2008

I have not been able to figure out how to make this possible.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Paolo Bevilacqua Tue, 06/03/2008 - 12:29

Hi, you cannot create a real DMZ lan as the 851 does not supports more than 1 VLAN.

However with the "ip nat source inside" commands you can forward port ranges to a PC, that often is sane things as "DMZ host".

Hope this helps, please rate post if it does!

cauley.shane Tue, 06/03/2008 - 15:45

excuse my ignorance, but I thought you could only do single ports with that command. Do yo have a short config example by chance?

Thanks in advance.

cauley.shane Tue, 06/03/2008 - 16:11

Got it below~

ip nat pool p2p 192.168.1.10 192.168.1.10 netmask 255.255.255.0 type rotary

ip nat inside destination list 100 pool p2p

access-list 100 permit tcp any any range 6881 6999

Thanks for getting me on the right track!

Shane C.

Actions

This Discussion