Natting on router to firewall

Unanswered Question
Sep 30th, 2008

Hi , If a have a static address on my router interface, would it be possible to nat from the ip of the interface to an internal address so it forwards all traffic destined from that interface to an internal ip ?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Marwan ALshawi Tue, 09/30/2008 - 01:11

lets say ur public ip on interface fa0/0

and u have internal ip 192.168.1.1 u want this IP to to be used from internet if u have only this IP and u want it for internal users to use the internetr and to access the internal private IP from internat useing the same IP u need to dop what is known as port forwarding static PAT

lets say u wann access the internal ip mentioned above thorugh the public ip on the fa0/0 to use http

use the following config

lets say ur internal interface is fa0/1

internal subnet 192.168.1.0/24

u will access 192.168.1.1 through the IP in the fa0/0 which is static public:

access-list 1 permit 192.168.1.0 0.0.0.255

ip nat inside source static tcp 192.168.1.1 80 interface fa0/0 80

ip nat inside source list 1 interface fa0/0 overload

interface fa0/0

ip nat outside

interface f0/1

ip nat inside

the above config will let internal users to get PATed to the internet and allow http access to the internal device with ip 192.168.1.1 u can add what ever port u want and if u have ACLs on the outside interface u nedd to permit the traffic coming the outisde IP

good luck

if helpful Rate

carl_townshend Tue, 09/30/2008 - 01:38

Hi there, I did not want to use PAT, I wanted to use NAT if poss, I guess I will have to see if there is a spare public ip I can use...

cheers

Carl

Actions

This Discussion