Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

NAT for Multiple FTP sites

I am using NAT overload and static NAT on my router. The router configuration is as follows:

Router(config)#interface fa0/0

Router(config-if)#ip address 192.168.1.254 255.255.255.0

Router(config-if)#no shut

Router(config-if)#ip nat inside

Router(config-if)#interface fa0/1

Router(config-if)#ip address 203.109.120.2 255.255.255.252

Router(config-if)#no shut

Router(config-if)#ip nat outside

Router(config)#ip route 0.0.0.0 0.0.0.0 interface fa0/1

Router(config)#ip nat inside source list 1 interface fa0/1 overlaod

Router(config)#access-list 1 permit 192.168.1.0 0.0.0.255

Router(config)#ip nat inside source static tcp 192.168.1.252 80 interface fa 0/1 80

Router(config)#ip nat inside source static tcp 192.168.1.252 21 interface fa 0/1 21

The ftp site and web server are accessible from the internet.

I have created another FTP site using private IP 192.168.1.250 and default FTP port 21 on FTP server. The site is accessible from within the LAN but not from the internet. Is there any form of static NAT which will allow this. I am out of ideas. Please help

4 REPLIES
Silver

Re: NAT for Multiple FTP sites

Use another port for that FTP server (i.e. 2121) or apply for additional public IP addresses.

New Member

Re: NAT for Multiple FTP sites

I tried creating another Ftp site using port number 1024 and used the following static NAT command.

ip nat inside source static tcp 192.168.1.252 1024 interface fa 0/1 1024

Again, this site is accessible from within the LAN but not from the internet.

Silver

Re: NAT for Multiple FTP sites

The host for both 21 and 1024. I thought you wanted to use 192.168.1.250 for the secondary FTP server.

"ip nat inside source static tcp 192.168.1.252 1024" uses the same host as "ip nat inside source static tcp 192.168.1.252 21"

Do you have an inbound access-list configured and/or use a firewall that blocks inbound traffic on ports other than 80 and 21 for instance?

New Member

Re: NAT for Multiple FTP sites

No there is neither any inbound access-list on the router nor do we have a firewall.

391
Views
0
Helpful
4
Replies
CreatePlease to create content