cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
26729
Views
5
Helpful
4
Replies

Port Forwarding

To Group

i have public pool IP of 252 i m running internet over  it  Media box is situated at inside LAN .my client want port forwarding
to  access  Media BOX and its lan ip is  192.168.10.30 i did following  configuration but couldn't get success

correct me if i m wrong i  think due to unavailability of public IP  it wouldnt easy for me to do  successful port forwarding
i did following configuration

interface  FastEthernet0/0
ip address 192.168.30.1 255.255.255.0
ip  nat inside
!
interface FastEthernet0/1
ip address   210.2.144.150 255.255.255.248
ip nat outside
!
ip nat pool  Forwarding 192.168.30.10 192.168.30.10 netmask 255.255.255.0 type rotary
ip   nat inside source list 101 interface FastEthernet0/1 overload
ip nat  inside destination list WOW pool Forwarding
!

access-list 101  permit ip 192.168.30.0 0.0.0.255  any

ip access-list extended  WOW
permit tcp any any range 19 19000

2nd configuration i  made on assumption that my client have public ip of 210.2.144.151


ip  nat pool Forwarding  210.2.144.151 210.2.144.151 255.255.255.252


ip   access-list extended WOW
permit tcp 192.168.30.0  0.0.0.0 range 19  19000 any

ip nat inside source list WOW pool Forwarding                                


Corect me  if i m wrong any where


Thanks  /Regards

3 Accepted Solutions

Accepted Solutions

abersven
Level 1
Level 1

If I understand this correctly you have a range of public IP addresses and want your Media BOX to be available via Internet on the IP address 210.2.144.151. In order to do this you need one line of NAT configuration to NAT between 192.168.10.30 and 210.2.144.151.

For all other internal hosts you want to use NAT overload for outbound sessions and use the public IP address 210.2.144.150


!
interface FastEthernet0/0
ip address 192.168.30.1 255.255.255.0
ip nat inside
!
interface FastEthernet0/1
ip address 210.2.144.150 255.255.255.248
ip nat outside
!
ip nat inside source list 101 interface FastEthernet0/1 overload
ip nat inside source static 192.168.10.30 210.2.144.151
!
access-list 101 permit ip 192.168.30.0 0.0.0.255  any
!

Since your topic is Port Forwarding I will give you an example on how this can be done. Let’s say that your MediaBOX has a web gui on TCP port 80 and you want to be able to access this via Internet. To use port forwarding or PAT (Port Address Translation) as we call it you can use the following configuration.

!
interface FastEthernet0/0
ip address 192.168.30.1 255.255.255.0
ip nat inside
!
interface FastEthernet0/1
ip address 210.2.144.150 255.255.255.248
ip nat outside
!
ip nat inside source list 101 interface FastEthernet0/1 overload
ip nat inside source static tcp 192.168.10.30 80 interface FastEthernet0/1 80
!
access-list 101 permit ip 192.168.30.0 0.0.0.255  any
!

With this configuration you will have access to tcp port 80 on your MediaBOX when via 210.2.144.150 tcp port 80. You can add more than one line for each host.

/André

View solution in original post

Hitesh Vinzoda
Level 4
Level 4

Hi,

I had tested this configuration and worked fine, See if it works for you...

ip nat pool POOL1 192.168.30.10 192.168.30.10 netmask 255.255.255.0 type rotary

ip nat inside destination list 101 pool POOL1


access-list 101 permit tcp any any range 19 19000

HTH

Hitesh Vinzoda

Pls rate useful posts.

View solution in original post

The first of the two configurations I provided is doing NAT between the two IP addresses 192.168.10.30 and 210.2.144.151 so all ports will be forwarded.

If you are coming from Internet and try to connect to 210.2.144.15 your sessions will end up at 192.168.10.30 regardless of the ports that are used.

/André

View solution in original post

4 Replies 4

abersven
Level 1
Level 1

If I understand this correctly you have a range of public IP addresses and want your Media BOX to be available via Internet on the IP address 210.2.144.151. In order to do this you need one line of NAT configuration to NAT between 192.168.10.30 and 210.2.144.151.

For all other internal hosts you want to use NAT overload for outbound sessions and use the public IP address 210.2.144.150


!
interface FastEthernet0/0
ip address 192.168.30.1 255.255.255.0
ip nat inside
!
interface FastEthernet0/1
ip address 210.2.144.150 255.255.255.248
ip nat outside
!
ip nat inside source list 101 interface FastEthernet0/1 overload
ip nat inside source static 192.168.10.30 210.2.144.151
!
access-list 101 permit ip 192.168.30.0 0.0.0.255  any
!

Since your topic is Port Forwarding I will give you an example on how this can be done. Let’s say that your MediaBOX has a web gui on TCP port 80 and you want to be able to access this via Internet. To use port forwarding or PAT (Port Address Translation) as we call it you can use the following configuration.

!
interface FastEthernet0/0
ip address 192.168.30.1 255.255.255.0
ip nat inside
!
interface FastEthernet0/1
ip address 210.2.144.150 255.255.255.248
ip nat outside
!
ip nat inside source list 101 interface FastEthernet0/1 overload
ip nat inside source static tcp 192.168.10.30 80 interface FastEthernet0/1 80
!
access-list 101 permit ip 192.168.30.0 0.0.0.255  any
!

With this configuration you will have access to tcp port 80 on your MediaBOX when via 210.2.144.150 tcp port 80. You can add more than one line for each host.

/André

Thanks for your reply but i need range of port for Media Bo from 19 to around 19000

waiting for your prompt response

The first of the two configurations I provided is doing NAT between the two IP addresses 192.168.10.30 and 210.2.144.151 so all ports will be forwarded.

If you are coming from Internet and try to connect to 210.2.144.15 your sessions will end up at 192.168.10.30 regardless of the ports that are used.

/André

Hitesh Vinzoda
Level 4
Level 4

Hi,

I had tested this configuration and worked fine, See if it works for you...

ip nat pool POOL1 192.168.30.10 192.168.30.10 netmask 255.255.255.0 type rotary

ip nat inside destination list 101 pool POOL1


access-list 101 permit tcp any any range 19 19000

HTH

Hitesh Vinzoda

Pls rate useful posts.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco