
incoming traffic redirection

mberthelot
Level 1

Hi,

I'm planning to set up a configuration with SOHO 91 for remote users to access a web server (with private IP address) on my LAN. I have a single public IP for the router outside interface. The question is: can I set up a NAT rule translating outgoing traffic with the public interface IP and incoming traffic to the public IP into the private server IP?

Example:

interface ethernet 0
 ip address A.B.C.D
 ip nat inside
interface ethernet 1
 ip address [public_ip]
 ip nat outside
ip nat inside source static [server_ip] [public_ip]

Will this work? In particular, can a remote user access my server using my public IP?

Thank you for the help!

Accepted Solutions

desai.jaideep
Level 5

Hi

int eth 0
 ip add 192.168.1.1 255.255.255.0
 ip nat inside
int eth 1
 ip add 10.0.0.1 255.0.0.0
 ip nat outside
access-list 1 permit 192.168.1.0 0.0.0.255
ip nat inside source static tcp 192.168.1.1 80 10.0.0.1 80 extendable
ip nat pool TEST 10.0.0.1 10.0.0.1 netmask 255.0.0.0
ip nat inside source list 1 pool TEST overload

Regards

JD


Roberto Salazar
Level 8

Yes, but you need to do the following:

ip nat inside source static tcp [server_ip] [L4_port] [public_ip] [L4_port]

The command says that any [L4_port] traffic that is destined to [public_ip] gets an address translation to [server_ip] [L4_port]. Since you are accessing a web server, it will be port 80, or HTTP.

ip nat inside source static tcp [server_ip] 80 [public_ip] 80

Please rate all posts.

OK.

Thank you all

UTVi-NetAdmin
Level 1

Hi,

My question is very similar, so I haven't created a new thread.

What happens in the scenario where, as in Mathias's example, you have static inbound NAT, for example:

!
ip nat inside source list 1 interface FastEthernet0/1 overload
!
access-list 1 permit 192.168.10.0 0.0.0.255
!
ip nat inside source static tcp 192.168.10.11 10001 extendable
ip nat inside source static tcp 192.168.10.12 10002 extendable
ip nat inside source static tcp 192.168.10.13 10003 extendable
!

Is there a way of connecting to a.b.c.d via telnet, for management? The static NAT statements seem to have broken this. Is there a way of specifying a 'default' behaviour when specifying a port not mentioned above?

Also, what does the 'extendable' keyword mean exactly?

Thanks,

Mark
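
The thread shows two forms of static NAT: the one-to-one form from the original question and the per-port form from the replies. The following is an added example, not code from any of the posters: a small audit script that reads `ip nat inside source static` lines and reports what each one makes reachable from the outside. The function name `audit_static_nat` and the sample addresses are assumptions made for illustration.

```python
import re

# The two static inside-source NAT forms that appear in this thread:
#   ip nat inside source static <local-ip> <global-ip>
#   ip nat inside source static tcp|udp <local-ip> <port> <global-ip>|interface <name> <port> [extendable]
IP = r"\d{1,3}(?:\.\d{1,3}){3}"
ONE_TO_ONE = re.compile(rf"^ip nat inside source static ({IP}) ({IP})(?: extendable)?$")
PORT_FWD = re.compile(
    rf"^ip nat inside source static (tcp|udp) ({IP}) (\d+) "
    rf"({IP}|interface \S+) (\d+)(?: extendable)?$"
)

def audit_static_nat(config_text):
    """Return one finding per static NAT line: what the outside can reach."""
    findings = []
    for raw in config_text.splitlines():
        line = " ".join(raw.split())  # normalise whitespace and indentation
        if not line.startswith("ip nat inside source static"):
            continue  # overload rules only create entries for flows started inside
        m = PORT_FWD.match(line)
        if m:
            proto, local, lport, glob, gport = m.groups()
            findings.append({"kind": "port", "outside": f"{glob} {proto}/{gport}",
                             "inside": f"{local} {proto}/{lport}"})
            continue
        m = ONE_TO_ONE.match(line)
        if m:
            local, glob = m.groups()
            # With no filtering in front of it, every protocol and port sent
            # to the global address is translated to the inside host.
            findings.append({"kind": "one-to-one", "outside": f"{glob} all ports",
                             "inside": f"{local} all ports"})
            continue
        # Statement is missing its global address/port (or is otherwise malformed).
        findings.append({"kind": "incomplete", "outside": None, "inside": None,
                         "line": line})
    return findings

# Constructed sample config; all addresses are placeholders, not from a real device.
SAMPLE = """\
ip nat inside source list 1 interface FastEthernet0/1 overload
ip nat inside source static 192.168.1.10 203.0.113.10
ip nat inside source static tcp 192.168.1.10 80 203.0.113.10 80 extendable
ip nat inside source static tcp 192.168.10.11 10001 extendable
"""

if __name__ == "__main__":
    for finding in audit_static_nat(SAMPLE):
        print(finding)
```

On the sample, the one-to-one line is reported as exposing all ports of the inside host, while the per-port line exposes only tcp/80.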
