paolo bevilacqua Tue, 06/03/2008 - 12:29
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

Hi, you cannot create a real DMZ lan as the 851 does not supports more than 1 VLAN.


However with the "ip nat source inside" commands you can forward port ranges to a PC, that often is sane things as "DMZ host".


Hope this helps, please rate post if it does!



cauley.shane Tue, 06/03/2008 - 15:45
User Badges:

excuse my ignorance, but I thought you could only do single ports with that command. Do yo have a short config example by chance?


Thanks in advance.

cauley.shane Tue, 06/03/2008 - 16:11
User Badges:

Got it below~


ip nat pool p2p 192.168.1.10 192.168.1.10 netmask 255.255.255.0 type rotary

ip nat inside destination list 100 pool p2p

access-list 100 permit tcp any any range 6881 6999



Thanks for getting me on the right track!


Shane C.

Actions

This Discussion