03-06-2009 10:42 AM
Can anyone let me know if I can nat 1 external ip to 3 internal ips? I have a client who wants to remote in on 3 different boxes on 1 ip address using idfferent port numbers.
Thanks for any help.
03-06-2009 11:02 AM
Hi,
This document shoud give you what you need
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00804708b4.shtml#t10
See the section called port redirection
Regards
03-06-2009 11:14 AM
Here is an example config
static (inside,outside) tcp 195.1.1.1 2001 10.1.1.1 ssh netmask 255.255.255.255
static (inside,outside) tcp 195.1.1.1 2002 10.1.1.2 ssh netmask 255.255.255.255
static (inside,outside) tcp 195.1.1.1 2003 10.1.1.3 ssh netmask 255.255.255.255
access-list in_on_outside permit tcp any host 195.1.1.1 range 2001 2003
Where 195.1.1.1 is external IP and 10.1.1.x is the internal IPs
Regards
03-06-2009 11:28 AM
Can you put ranges on this as well?
static (inside,outside) tcp 195.1.1.1 2001 10.1.1.1 ssh netmask 255.255.255.255
like 2001 - 2005
03-06-2009 12:09 PM
Hi,
I'm afraid you can't use a range on the static command.
Regards
03-09-2009 06:40 PM
Can I use a global outside command? For each of the 3 internal IP addresses I need to show ports
5631-5634, 1580-81, & 8081 - internal 1
5635-5638, 1582-83, & 8082 - internal 2
5639-5642, 1584-85, & 8083 - internal 3
Thanks,
Jeff
03-06-2009 11:03 AM
Yes you can provided the internal hosts all require different port numbers.
See the following port redirection example.
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00804708b4.shtml#t10
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: