Cisco Support Community
New Member

NAT Inbound/Outbound Problem

Greetings -

Here is the situation. I have 3 hosts on private IPs behind a 2500 router. I am using PAT to translate the 3 private IPs to a single public IP.

Host1 172.16.99.x1

Host2 172.16.99.x2

Host3 172.16.99.x3

PAT Address 220.xxx.xxx.xx1

The directly connected (T1) vendor has only opened 1 port on their firewall for us to establish TCP connections with their inside host.

Global Commands:

ip nat pool name 220.xxx.xxx.xx1 220.xxx.xxx.xx1 prefix 24

ip nat inside source list 1 pool name overload

access-list 1 permit 172.16.99.xx1

access-list 1 permit 172.16.99.xx2

access-list 1 permit 172.16.99.xx3

Ethernet0

ip nat inside

serial0

ip nat outside

Outbound connections work fine.

Question: If the vendor needs to establish a TCP session with host #2 (only), is it possible to do so?

And what config changes would we need to make in order to make this happen?

Thanks in advance.

sg

1 REPLY
Cisco Employee

Re: NAT Inbound/Outbound Problem

If you want to establish a TCP session from the outside to the inside, use the static NAT command.

i.e.:

For an inside web server:

ip nat inside source static tcp x.x.x.x 80 x.x.x.x 80

Use the question mark (?) to see what address to place instead of x.x.x.x (never sure if this is global first or local first).
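
Added example, not part of either post: a static port mapping for Host2 that coexists with the existing PAT overload rule, plus an inbound ACL on the outside interface so that only the vendor's host can open sessions to the forwarded port. The addresses, the port number and ACL number 101 are constructed stand-ins for values the thread redacts or does not give, and the ACL assumes only TCP crosses this link.

```cisco
! Constructed stand-ins (not the poster's real values):
!   172.16.99.2    Host2, inside local address
!   203.0.113.1    PAT address, inside global address
!   198.51.100.10  vendor host that needs to reach Host2
!   5000           TCP port of the service on Host2
!
! Static port translation. Argument order is inside local address and
! port first, then inside global address and port.
ip nat inside source static tcp 172.16.99.2 5000 203.0.113.1 5000
!
! The existing dynamic PAT rule for outbound sessions stays in place:
!   ip nat inside source list 1 pool name overload
!
! Inbound filter on the outside interface. Inbound ACLs are evaluated
! before NAT on outside-to-inside traffic, so match the global address.
access-list 101 permit tcp host 198.51.100.10 host 203.0.113.1 eq 5000
! Return packets for TCP sessions the inside hosts opened through PAT.
access-list 101 permit tcp any host 203.0.113.1 established
! Everything else is dropped and logged.
access-list 101 deny ip any any log
!
interface Serial0
 ip nat outside
 ip access-group 101 in
```

Mapping a single TCP port, rather than using a full one-to-one static entry for Host2, keeps its other ports unreachable from the outside, and `show ip nat translations` lists the static entry next to the dynamic PAT entries.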
