Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

NAT and port forwarding using IOS 12.1 1

Status
Not open for further replies.

soupnazi

IS-IT--Management
Apr 2, 2001
22
US
I need some help getting port forwarding set up on my router. Here is my setup... I'll try and make this as basic as possible...

Cisco router (Dialup1) - ISP assigned IP address
Cisco router (E0) - 10.0.0.1 255.0.0.0
Home PC (nic) - 10.0.0.2 255.0.0.0 with gateway 10.0.0.1

How do I set up the router so I can forward all FTP requests and to my home PC? I'm running IIS on my home PC. I've tried setting up the access list and it seems to work, but only for 10.0.0.1 address... I would like to be able to serve FTP requests and from my home PC, yet maintaing a firewall and denying all other requests.

Open for suggestions!! Thanks!! -soupnazi-
"No soup for you!"
 

Here is a sample config that static maps port 80 to an addres on the inside of the NAT
!
ip nat inside source list 1 interface Ethernet1 overload
ip nat inside source static tcp 192.1.1.235 80 64.195.192.111 80 extendable
ip classless
ip route 0.0.0.0 0.0.0.0 64.195.192.254

Mike S

"Diplomacy; the art of saying 'nice doggie' till you can find a rock" Wynn Catlin
 
Hmmmm, does that mean that since my external IP address is dynamic I cannot do this? My external IP address is assigned to me from my ISP. It may change on me. Is there nothing I can do? Thanks! -soupnazi-
"No soup for you!"
 
Good question!!! I dont have a ready answer for that one. There are serveral detailed papers on Cisco's site for NAT and I will take a look later. Perhaps someone else has already done this and has the answer :)

Mike S
"Diplomacy; the art of saying 'nice doggie' till you can find a rock" Wynn Catlin
 
wybnormal,

I figured it out... (I think) Here's what I did. Your suggestion was a good idea and I took that idea and came up with this...

!
ip nat inside source list 1 interface Dialer1 overload
ip nat inside source static tcp 10.0.0.2 21 interface Dialer1 21
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1

This seems to work... :) Thanks for your help!!
-soupnazi-
"No soup for you!"
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top