08-12-2006 05:57 AM - edited 03-03-2019 04:29 AM
i need a simple config using my router and nat to allw the internet to access internal devices..
08-12-2006 07:39 AM
The following is a working example that allows public ip address to access a web server in private network 192.168.1.0/24. Just remove and replace the interface types:
interface Ethernet0
ip address 192.168.1.1 255.255.255.0
ip nat inside
!
interface Ethernet1
ip address dhcp
ip nat outside
duplex auto
ip nat inside source static tcp 192.168.1.99 80 interface Ethernet1 80
Please rate helpful posts.
08-12-2006 10:32 PM
I have inserted your commands
ip nat inside source static tcp 192.168.1.99 80 210.5.c.v 80
but i can not access..
the problem remains,,
08-12-2006 10:40 PM
Dear Ehsan
Below is the config I have been doing:It is basically a LAB setup in which I have public IPs 192.168.1.0/24 and private IPs 192.168.2.0/24.Now I am giving 192.168.1.165/24 on one ethernet and 192.168.2.1/24 on another ethernet.I have kept a webserver (a Ip camera with a web server..to be precise), which is given a IP 192.168.2.200/24. Now from pool 192.168.1.0 (My PC ip is 192.168.1.75/24) I give 192.168.1.165 in my web browser, and I get access to my network camera.
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
enable secret xxxx
!
username cisco password 0 cisco
no network-clock-participate slot 1
no network-clock-participate wic 0
no aaa new-model
ip subnet-zero
ip cef
!
!
no ftp-server write-enable
!
!
!
!
interface FastEthernet0/0
ip address 192.168.1.165 255.255.255.0
ip nat outside
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.2.1 255.255.255.0
ip nat inside
duplex auto
speed auto
!
ip nat pool test 192.168.1.165 192.168.1.165 netmask 255.255.255.0
ip nat inside source list 1 pool test overload
ip nat inside source static 192.168.2.200 192.168.1.165
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.254
ip http server
!
access-list 1 permit 192.168.2.0 0.0.0.255
!
line con 0
line aux 0
line vty 0 4
login local
line vty 5 15
login local
!
!
!
end
Router#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
tcp 192.168.1.165:80 192.168.2.200:80 192.168.1.75:1197 192.168.1.75:1197
tcp 192.168.1.165:80 192.168.2.200:80 192.168.1.75:1200 192.168.1.75:1200
tcp 192.168.1.165:80 192.168.2.200:80 192.168.1.75:1201 192.168.1.75:1201
tcp 192.168.1.165:80 192.168.2.200:80 192.168.1.75:1202 192.168.1.75:1202
tcp 192.168.1.165:80 192.168.2.200:80 192.168.1.75:1203 192.168.1.75:1203
tcp 192.168.1.165:80 192.168.2.200:80 192.168.1.75:1204 192.168.1.75:1204
--- 192.168.1.165 192.168.2.200 --- ---
There may be some issue with your mail server.
Regards
JD
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: