I have a router that has a public IP address on it's serial interface. I have a device on the private side that needs to have connections to the public IP address translated to it for port 1720 (H323) traffic.
However, I need to have traffic to port 1720 from a specific subnet not be translated so that the router can handling incoming H323 calls from our Callmanager system.
Is there a way to do this? The current NAT configuration is below:
ip nat inside source static tcp 10.40.0.49 1720 interface Serial0/0 1720
ip nat inside source route-map nonat interface Serial0/0 overload
access-list 102 deny ip 10.40.0.0 0.0.0.255 172.16.0.0 0.0.0.255
access-list 102 deny ip 10.20.0.0 0.0.0.255 172.16.0.0 0.0.0.255
access-list 102 permit ip 10.40.0.0 0.0.0.255 any
access-list 102 permit ip 10.20.0.0 0.0.0.255 any
route-map nonat permit 102
match ip address 102