Re: 12.2 IOS port redirection ?

rfyoung1 · ‎02-08-2002

I have a Zyxel router that I am replacing with a Cisco product to allow for a VPN to be created between our corporate office and a remote office. The Zyxel has a single IP Address on the internet. I am looking at using a Cisco 1710 with 12.2 IP/FW/IDS PLUS IPSEC 3DES software.

The Cisco 1710 with the latest 12.2 version of software will do what is called port address mapping. This appears to allow you to change the port for incoming traffic (example port 100 can be redirected to port 200) ,but I am not sure if it will allow the PAT address to receive all SMTP traffic and redirect it to a single host on the inside like the a Zxyel router that I will be replacing. I know you can do this with an extra Global address and static, but unfortuantley I only have 1 external address.

noc · ‎02-09-2002

you can still do it even with 1 external address. Its just a simple nat port rule.. see this.

ip nat inside source static tcp 10.0.0.11 25 66.77.55.44 25

this will work if you know you always going to have

the same ip address on your outside interface.

int f0/1

description outside interface (this may be s0/0 or something

else for you)

ip address dhcp

ip nat outside

int f0/0

description inside lan interface

ip addr 10.0.0.1 255.255.255.0

ip nat inside

now if you ip is going to change alot (because its

a cable modem, or something that give your outside

interface a dhcp address, then set up the nat rule

this way.

ip nat inside source static tcp 10.0.0.11 25 interface f0/1

now what ever gets assigned on f0/1 (ip nat outside interface) will be natted to the inside server on port 25 (smtp) )

just remember to define you "ip nat outside" and

"ip nat inside" interfaces correctly, or the rule won't work.