Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAT port forwarding to Linux server with no gateway set.

I have a SR520 router which has a ADSL connection and I'm wondering if it is possible to configure the router so that a port can be forwarded to a Linux server that is on the same LAN network as the VLAN on the router without having a route/gateway setup on the Linux server.  If I set the router vlan IP address as the gateway on the Linux box then it works as expected and I can connect from a public IP to the local IP of the Linux server, but if I remove the gateway on the Linux computer, I can no longer connect, but since the LInux computer is on the same local network as the router it seems like it should be possible.

Below is the router config, I would like to be able to ftp from a public IP to 192.168.1.5 which is the local Linux box.  I know there can't be any outbound traffic from the Linux box without the gateway being set, but this is ok, or are routes a two way street and what I want can't be done? One thought I had was to use the remote command feature of ssh:

ssh <router-public-ip> 'ftp 192.168.1.5'

The problem with this is the router doesn't have a ftp command to connect to a ftp server.

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname SR520

!

boot-start-marker

boot-end-marker

!

logging message-counter syslog

enable secret 5

!

no aaa new-model

!

dot11 syslog

ip source-route

!

!

!

ip cef

!

no ipv6 cef

multilink bundle-name authenticated

!

!

username cisco privilege 15 secret 5

!

!

!

archive

log config

  hidekeys

!

!

!

bridge irb

!

!

interface ATM0

no ip address

no atm ilmi-keepalive

pvc 0/35

  encapsulation aal5snap

!

dsl operating-mode auto

bridge-group 1

!

interface FastEthernet0

switchport access vlan 75

!

interface FastEthernet1

switchport access vlan 75

!

interface FastEthernet2

switchport access vlan 75

!

interface FastEthernet3

switchport access vlan 75

!

interface Vlan1

no ip address

shutdown

!

interface Vlan75

ip address 192.168.1.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface BVI1

ip address dhcp

ip nat outside

ip virtual-reassembly

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 atm0

!

no ip http server

no ip http secure-server

ip nat inside source list 100 interface BVI1 overload

ip nat inside source static tcp 192.168.1.5 21 interface BVI1 21

!

access-list 100 permit ip any any

!

!

control-plane

!

bridge 1 protocol ieee

bridge 1 route ip

!

726
Views
0
Helpful
0
Replies