Cisco Support Community
Community Member

DSL, static Ips and firewall

I have Qwest DSL, 5 static IP's, a firewall and a cisco 678 router. I have the firewall configured as one of my 5 static IP's. Im trying to use port forwarding on my firewall to get to other PC's..

Right now, the only sucess that I have is my mail server... No other ports that I have forwarded work. Is there something I'm missing.. I assumed everything going to IP address would be forwarded to my firewall...

I have had another company admin, that also uses the same firewall, check the firewall config and he finds nothing wrong with the firewall.. He says he cannot figure it out and everything should work okay...

I have to assume that the issue is now with the router...

Right now.. NAT is disabled...

Community Member

Re: DSL, static Ips and firewall

So if I understand this correctly, you have addresses A.B.C.1 through A.B.C.5

(for example). The router's internal address is A.B.C.1 and the firewall is A.B.C.2

Is your router's DSL interface one of the 5 IPs, or does it have a WAN ip address?

Here's my suggestion - set up a private address scheme, say 192.168.1.x on the inside network of your firewall. Set your firewall's internal address to

Create a point-to-point network between your router and your firewall. Set your firewall's external address as and your router's internal address to /30

Set a route in the router to Then use static translations in the router to map your external IP addresses to addresses. Let's say an internal host is your SMTP server. Set it to be Then use the following

ip nat inside source static A.B.C.3

ip nat inside source static A.B.C.4 (if you have another machine)

and turn NAT on at the router

set dsl interface to be "ip nat outside" and ethernet interface to be "ip nat inside"

access-list 7 permit

ip nat inside source list 7 interface ATM0 overload

Then make sure your firewall allows the protocol connectivity to the inside hosts.

I think the root of your problem is that you are incorrectly distributing your 5 static ips on different logical networks.

Community Member

Re: DSL, static Ips and firewall

Okay.. Lets clarify the situation..

My Ips are a.b.c.1 - a.b.c.5

My Router is locked to a.b.c.6 by qwest...

Right now I use a.b.c.1 as my firewall's external address..

Then I get EMAIL and DNS to my Mail server using port forwarding ports 25 and 53, but setting my firewall to forward ports 25 and 53 to f.g.h.i

But that is it....


CreatePlease to create content