Re: Port range forward with a dhcp address?

andrea.desole · ‎12-15-2006

I surprisingly didn't find much documentation about port range forwarding.

I would need to forward a few ports on my 877w, and I might have seen a solution between two static addresses. However, although my provider gives me a fixed ip address, I get it via dhcp, so I would like to build a static nat where the outside address is given via dhcp. This would mean using the interface as outside, but in that case I can't find a solution to forward a range of ports.

Anyone has an idea?

Thank you

Thanks

jheckart · ‎12-15-2006

Andrea,

I think that you are asking to have a static translation on the outside interface to an internal private address based upon tcp/udp port. If so, here is how it would be done.

int fa1

"ip nat inside"

int fa4

"ip nat outside"

"ip nat inside source static tcp 192.168.1.20 22 interface fastethernet 4 22"

This short config would utilize fa1 as the inside interface for nat, and fa4 as the outside. This would then translate an inside address 192.168.1.20 port tcp/22 to port tcp/22 on interface fa 4.

Assuming that your acl's/firewall allow it, someone could create a connection to the address on fa4 port 22, and it would connect to 192.168.1.20.

Is this what you were looking for?

andrea.desole · ‎12-16-2006

Yes, kind of. This is what I did to configure my ssh, exactly on the same port.

In this case, however, I would like to go a bit further: I would like to do the same for, for example, all the ports between 7001 and 7050. What I can do is to write the same line 50 times, every time with a different port (which is at the end what I did), or maybe there is a better solution. If I make an access list I can specify the port range, and I was hoping that there was a similar solution for static nats.

Thanks