Configuring NAT to Allow the Internet to Access Internal Devices

[spillo3000]

Thi is my configuration for nat:

interface ATM0
description internet
bandwidth 2048
no ip address
atm ilmi-keepalive
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
dsl operating-mode auto
fair-queue
interface FastEthernet0
bandwidth 102400
ip address 192.168.1.1 255.255.255.0
ip access-group

http://wwww->local

in
ip access-group local->

http://www out

no ip redirects
ip nat inside
speed 100
full-duplex
no cdp enable

ip nat inside source list 1 interface Dialer1 overload
ip nat inside source static tcp 192.168.1.6 22 interface Dialer1 22
ip nat inside source static udp 192.168.1.6 22 interface Dialer1 22

with this configuration ssh from outside doesn't work.
mY public ip is dinamic and if i put

ip nat inside source 192.168.1.7 a.b.c.d

all function properly, but when the lease change i must reconfigure all.

please help me.

 

[burtsbees]

First off, what is the config on the di1 interface? Do you have "ip nat outside"???
Second, what does the acl 1 look like?
Third, you can only put one port/one protocol per port per IP address---once a static NAT translation is set, it does that port with the last protocol specified, in this case UDP. Do this...
router>en
router#conf t
router(config)#no ip nat inside source static udp 192.168.1.6 22 int di1 22
and then this...
router(config)#ip nat inside source static tcp 192.168.1.6 22 int di1 22

What is the 192.168.1.6 box? An exchange server by chance?

Burt