Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

NATting inside address

Hi

What would be the command to NAT the inside IP address for Telnet. My firewall IP address is 203.41.1.x and i want to give a telnet access port 22 & 23 to inside Server 10.200.1.2

4 REPLIES
Purple

Re: NATting inside address

Try something like this:

access-list ACL_IN permit tcp any host 203.41.1.x eq 22

access-list ACL_IN permit tcp any host 203.41.1.x eq 23

access-group ACL_IN in interface outside

static (inside,outside) 203.41.1.x 10.200.1.2

Hope that helps - pls rate the post if it does.

Paresh

Community Member

Re: NATting inside address

hi Paresh

i used the following config, but its not working.

static (inside,outside) tcp 203.41.1.x 23 10.222.0.3 23 netmask 255.255.255.255 0 0

access-list telnet_in permit tcp any host 203.41.1.x eq 23

access-group telnet_in in interface outside

clear xlate

what is the tools to access telnet on port 22?

Re: NATting inside address

hi

Try configuring SSH access on your PIX to access the box from outside nework.

http://cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a008054d863.html

regds

Gold

Re: NATting inside address

static port forwarding needs to be configured rather than ordinary static nat. the reason being that only one public ip is available.

e.g.

static (inside,outside) tcp interface 23 10.222.0.3 23 netmask 255.255.255.255

static (inside,outside) tcp interface 22 10.222.0.3 22 netmask 255.255.255.255

clear xlate local 10.222.0.3

access-list 111 permit tcp any interface outside eq 23

access-list 111 permit tcp any interface outside eq 22

access-group 111 in interface outside

95
Views
0
Helpful
4
Replies
CreatePlease to create content