Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Static NAT problem on 1841 router

Hi all.

I have a Cisco 1841 router at home with version 12.4(13r)T advanced ip services.

The setup is extremely simple:

1) PPPOE dialer to my service provider over ADSL

2) Nat overload on the dialer interface.

3) 2 Vlans one for home network (wired) and one for wireless both vlans are connected through interface vlans respectively.

My problem is when I configure static NAT to map RDP or any other protocol to inside hosts this doesn`t work.

"

ip nat source static tcp 192.168.20.3 2222 interface Dialer1 2222

ip nat source static tcp 192.168.20.3 3389 xx.xx.xx.xx 3389 extendable

ip nat inside source list 20 interface Dialer1 overload

"

P.S

When I open wireshark and sniff the traffic on home computer which is the one I`m trying to reach I can`t see any traffic.

and While performing nat debuging I am also not able to see traffic going to that port (for example 3389)

1 ACCEPTED SOLUTION

Accepted Solutions
VIP Purple

Re: Static NAT problem on 1841 router

Ok, with your interface-config one problem is visible:

On the interface you use the "legacy" NAT, but the global NAT is the more modern NVI-style.

Change your NAT from

ip nat source static tcp 192.168.20.3 3389 xx.xx.xx.xx 3389 extendable

to

ip nat inside source static tcp 192.168.20.3 3389 xx.xx.xx.xx 3389 extendable

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni


--
Don't stop after you've improved your network! Improve the world by lending money to the working poor: http://www.kiva.org/invitedby/karsteni
7 REPLIES
VIP Purple

Static NAT problem on 1841 router

1841 router at home with version 12.4(13r)T

That's not your IOS-version. The IOS-version is printed in "show version" above that.

Regarding your problem: Have you allowed the traffic in your external ACL?

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni


--
Don't stop after you've improved your network! Improve the world by lending money to the working poor: http://www.kiva.org/invitedby/karsteni
New Member

Static NAT problem on 1841 router

Hi Karsten.

Thanks for quick reply

The IOS is c1841-advipservicesk9-mz.124-25b.bin

and basically I don`t have an ACL on the dialer interface if thats what you are asking:

interface Dialer1

ip address negotiated

ip verify unicast source reachable-via rx allow-default 100

no ip proxy-arp

ip nat outside

ip virtual-reassembly

encapsulation ppp

dialer pool 1

dialer-group 1

ppp pap sent-username xxxxx

password 7 xxxxxxx

end

Here is the nat overload configuration together with it`s ACL:

< ip nat inside source list 20 interface Dialer1 overload >

< access-list 20 permit 192.168.0.0 0.0.255.255 >

thanks again.

Purple

Static NAT problem on 1841 router

Hi,

ip nat source static tcp 192.168.20.3 3389 xx.xx.xx.xx 3389 extendable

I suppose this is not for Dialer 1 but for the other ISP connection ?

Regards.

Alain

Don't forget to rate helpful posts.
New Member

Static NAT problem on 1841 router

Hi Alain.

I have only one ISP conenction which I connect to over PPOE at dialer1.

The config line above is when I tried doing a configuration for IP address instead of interface, so basically xxxxxx is the

address I have got from my ISP via dialer 1.

VIP Purple

Re: Static NAT problem on 1841 router

Ok, with your interface-config one problem is visible:

On the interface you use the "legacy" NAT, but the global NAT is the more modern NVI-style.

Change your NAT from

ip nat source static tcp 192.168.20.3 3389 xx.xx.xx.xx 3389 extendable

to

ip nat inside source static tcp 192.168.20.3 3389 xx.xx.xx.xx 3389 extendable

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni


--
Don't stop after you've improved your network! Improve the world by lending money to the working poor: http://www.kiva.org/invitedby/karsteni
New Member

Static NAT problem on 1841 router

Thank you so much!!

works like a charm

Purple

Static NAT problem on 1841 router

Hi,

good catch

Regards.

Alain.

.

Don't forget to rate helpful posts.
522
Views
0
Helpful
7
Replies
CreatePlease to create content