Im trying to forward anything coming in on ports 27000 through 27040 tcp/udp and also 1200 tcp/udp
to my server at 192.168.1.3 but, I just cant seem to get an open port scan from whatsmyip.org. The port
inside is operational it is a game server that I connect to no prob. Here is my current config.
no aaa new-model memory-size iomem 15 no network-clock-participate slot 1 no network-clock-participate wic 0 ip cef
ip name-server 126.96.36.199 ip name-server 192.168.1.75 ip name-server 188.8.131.52 ip name-server 192.168.1.76
interface FastEthernet0/0 ip address dhcp ip nat outside duplex auto speed auto
interface FastEthernet0/1 ip address 192.168.1.254 255.255.255.0 ip nat inside duplex auto speed auto
ip forward-protocol nd ip route 0.0.0.0 0.0.0.0 FastEthernet0/0 dhcp
ip http server no ip http secure-server
ip nat pool OUTSIDE 184.108.40.206 220.127.116.11 netmask 255.255.192.0 ip nat pool SRCDS_Server 192.168.1.3 192.168.1.3 netmask 255.255.255.0 ip nat inside source list NATTY pool OUTSIDE overload ip nat outside source list SRCDS_IN pool SRCDS_Server
ip access-list extended NATTY permit ip 192.168.1.0 0.0.0.255 any
ip access-list extended SRCDS_IN permit tcp any range 27000 27040 18.104.22.168 0.0.63.255
one static PAT entry per port is indeed a good solution for a few ports and I had not seen that there were only 41 ports in the 27000 range so it could be administratively doable here even if it would mean a total of 41*2 +2= 84 static entries.
my external ip is 22.214.171.124 and my internal server is @ 192.168.1.3 and I am running PAT for my internals. Is there an example configuration using route-maps to acomplish this task that someone could possibly point me to. I have a little knowledge of route-maps from my CCNP route class. But I seem to get lost during configuraton on what is actually happening as the packet lands on my public interface.
if you only have one external IP and it is a dynamic one then the only solution is to do one static PAT entry per port/protocol like this because the rotary feature won't work if your external IP is dynamic and may change:
ip nat inside static tcp 192.168.1.3 27000 interface f0/0 27000
ip nat inside static tcp 192.168.1.3 27001 interface f0/0 27001
like Jon suggested.On IOS there is some support for object-group in ACL but not in NAT command and I'm not even sure it is supported in a non traffic filtering ACL.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...