Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Static NAT to a range tcp ports

I want to map a range of tcp ports to an internal host from the internet. I could use the ip nat inside static tcp command for mapping an specific port, but what if I want to map the tcp port range from 8000 to 8050?, Is there a way to do that with a single command?

1 ACCEPTED SOLUTION

Accepted Solutions
Silver

Re: Static NAT to a range tcp ports

Try this:

1.create static translation:

ip nat inside source static 192.168.60.10 172.16.181.195 route-map MAP extendable

ip nat inside source static tcp 192.168.1.2 80 172.17.181.195 80 extendable

2. Define the port range

access-list 101 permit tcp host 192.168.60.10 range 8000 8050 any

route-map MAP permit 10

match ip address 101

Refer the following link to Mapping an Application with a Port Range:

http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_configuration_guide_chapter09186a00800d981c.html#xtocid2671616

8 REPLIES
Silver

Re: Static NAT to a range tcp ports

Try this:

1.create static translation:

ip nat inside source static 192.168.60.10 172.16.181.195 route-map MAP extendable

ip nat inside source static tcp 192.168.1.2 80 172.17.181.195 80 extendable

2. Define the port range

access-list 101 permit tcp host 192.168.60.10 range 8000 8050 any

route-map MAP permit 10

match ip address 101

Refer the following link to Mapping an Application with a Port Range:

http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_configuration_guide_chapter09186a00800d981c.html#xtocid2671616

New Member

Re: Static NAT to a range tcp ports

Thanks

New Member

Re: Static NAT to a range tcp ports

Sorry for the Double post

New Member

Re: Static NAT to a range tcp ports

I'm not quite following the address scheme here. I am attemting the same 10000 ports to one nat command, I have 192.168.1.0/24 as my inside addresses and the internet via DHCP as outside address. eth0/0 is internet (DHCP) eth0/1 is private NAT (192.168.1.0/24) I want to forward two ranges 5004-5082 udp and 10000-20000 udp to inside host 192.168.1.103. Can you give me a few pointers?

Thanks.

New Member

Re: Static NAT to a range tcp ports

in your case, it would be like this:

ip nat inside source static 192.168.1.103 interface ethernet0/0 route map MAP

access-list 101 permit udp host 192.168.1.103 range 5004 5082 any

access-list 101 permit udp host 192.168.1.103 range 10000 20000 any

route-map MAP permit 10

match ip address 101

New Member

Re: Static NAT to a range tcp ports

My Cisco 2611 is not accepting the command. It won't allow anything after "ethernet0/0". it is expecting the end of the line after ethernet0/0.

Any suggestions?

New Member

Re: Static NAT to a range tcp ports

Hi,

Your command would go like

ip nat inside source

Cheers !

New Member

Re: Static NAT to a range tcp ports

I tried

ip nat inside source route-map MAP interface ethernet0/0

with no results I also finished by adding the other configs). I'm still lost and not working.

486
Views
5
Helpful
8
Replies