Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

NAT with 2650XM and NM-16ESW

Hi,

I have one 2650XM with FE0/0 (internet) and FE1/[0-15] (lan). I need to redirect some ports (ie.: public.ip:22 to server1.lan:22, connected to FE1/0), the problem is, i can't assign a local IP to the FE1/0, so how can i do it?

If you need more info, reply please.

7 REPLIES
Silver

Re: NAT with 2650XM and NM-16ESW

How is the switch module configured? Do you have the 16 FE ports part of a VLAN and then the VLAN has a SVI (int vlan)?

If yes then I do not think there is any issue. I am assuming the Fa0/0 has a public IP address so I do not think there is any issue creating a port translation unless I am missing something. You can use the following command:

ip nat inside source static tcp

New Member

Re: NAT with 2650XM and NM-16ESW

There's no VLAN configured. At the moment, the only thing I have configured is the FE0/0. The servers connected to the FE1/x have local ip. Btw, I only have one public IP address.

Re: NAT with 2650XM and NM-16ESW

Hello,

can you post the configuration of your router ? And what are the IP addresses of the machines you want to redirect from/to ?

Regards,

GNT

Silver

Re: NAT with 2650XM and NM-16ESW

Having one public IP is not a problem. By the way it looks like your servers are not accessing internet at the moment ... Is that correct?

What you need to do is to assingn your inside ports to a VLAN (I am assuming they are already all part of VLAN 1 by default). Next you need to create an SVI:

Router(config)# int vlan 1

Router(config-if)#ip address

Router(config-if)# no shut

You will use the ip address of VLAN 1 as the default gateway for the servers. Next to enable internet access for all servers you need to configure NAT. Since you have only one public IP you will do NAT overload:

Router(config)# ip nat inside source list 1 interface Fa0/0 overload

Router(config)# access-list 1 permit

Router(config)# int fa 0/0

Router(config-if)# ip nat outside

Router(config)# int vlan 1

Router(config-if) ip nat inside

Now all you local servers should be able to access the internet. To enable access to specific local servers on specific ports from the outside you need to configure static port translation:

Router(config)# ip nat inside source static tcp server_ip 22 public_ip 22 extendable

This is an example config. You can modify it to suit your requirements.

New Member

Re: NAT with 2650XM and NM-16ESW

thank you.

I'll try that.

New Member

Re: NAT with 2650XM and NM-16ESW

ok, i've tested this conf several times and i can't get access to internet from lan...

i can ping vlan ip, fa0/0 ip but i cant ping anything else :S

New Member

Re: NAT with 2650XM and NM-16ESW

ok... i'm not sure if my inside ports are already all part of VLAN1... i can't find any problem with the configuration and yet i can't access internet from inside... :S

392
Views
4
Helpful
7
Replies