NAT port range forward on Cisco 831

yoan.bouchard · ‎12-11-2006

Hi,

I've been trying to forward a range of UDP port to an internal address but I can't do it.

I can only do static forward, and I'm not gonna forward port 8000 to 9999 one by one.

I've tryed with acl, with no result.

INFO:

Router: Cisco 831 (ISO 12.4(2)t1)

ETH0 (LAN: 192.168.2.0)

ETH1 (INTERNET)

FORWARD PORT (UDP 8000 to 9999)

to Address IP (192.168.2.88)

yoan.bouchard · ‎12-11-2006

ADDITIONAL INFO: That what I tryed

access-list 111 remark ACCESS-LIST RANGE PORT SIP - VOIP

access-list 111 permit udp any host 192.168.2.88 range 8000 9999

ip nat pool voip 192.168.2.88 192.168.2.88 netmask 255.255.255.255 type rotary

ip nat inside source list 111 pool voip

michael.lowry · ‎12-29-2006

How about you break it down to basics and try a more general approach to it and then if that works, then you can tailor it more.

Try the slight tweak on your configuration above:

!

access-list 111 permit udp any any range 8000 9999

!

ip nat pool voip 192.168.2.88 192.168.2.88 netmask 255.255.255.0 type rotary

!

ip nat inside source list 111 pool voip

!

Also ensure that there are no ACLs which would block this traffic and remember that the ACL inbound has to specify the GLOBAL IP and not the internal IP as the access-list inbound is checked before the NATting occurs.