Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

NAT private to public

Status
Not open for further replies.
secureinc

secureinc

Technical User
Feb 18, 2002
34
0
0
US
Below is the config on my router. What I need to do is to nat 192.168.10.200 to a public ip address of 4.67.21.xx. How would I do that?

Building configuration...

Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service compress-config
!
hostname Router
!
no logging console
enable secret 5 xxxxx
enable password xxxxx
!
ip subnet-zero
!
!
!
interface Ethernet0
description local network
ip address 192.168.10.10 255.255.255.0
no ip directed-broadcast
ip nat inside
no ip route-cache
!
interface Ethernet1
no ip address
no ip directed-broadcast
shutdown
!
interface Serial0
bandwidth 256
no ip address
no ip directed-broadcast
encapsulation frame-relay
logging event subif-link-status
logging event dlci-status-change
keepalive 8
no fair-queue
down-when-looped
service-module t1 timeslots 1-4
frame-relay lmi-type ansi
!
interface Serial0.1 point-to-point
description connection to Internet
bandwidth 256
ip address 4.25.163.xxx 255.255.255.252
no ip directed-broadcast
ip nat outside
frame-relay interface-dlci 100
!
ip nat inside source list 1 interface Serial0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0.1
!
access-list 1 permit any
banner motd ^C
Authorized Personel Only
Current Sessions Are Logged

^C
!
line con 0
transport input none
line vty 0 4
password xxxxx
login
!
end

Router#

Thank you and much appreciated!!!
 
Sort by date Sort by votes
you may need to change
ip nat inside source list 1 interface Serial0 overload

to
ip nat inside source list 1 interface Serial0.1 overload
logo-tektips.gif
 
Upvote 0 Downvote
The method you are doing NAT is via NAT overload. This will allow any of your 192.168.10.0/24 traffic to NAT out to your Serial interface, but as for traffic trying to come IN to your network, it's going to all drop at the Serial interface (no external -> internal mapping setup yet).

You need to get that private IP natted to an outside public IP (all ports forwarded). Here is how I currently do that:

private IP: 192.168.10.200
public IP: 4.67.21.xx

IOS command:
ip nat inside source static 192.168.10.200 4.67.21.xx

This will NAT the outside address of 4.67.21.xx -> 192.168.10.200.

If you wanted to just forward some ports (such as TCP 21 ftp) to increase security on your router:

ip nat inside source static tcp 192.168.10.200 21 4.67.21.xx 21


I hope this helps you out --

Rainman

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Luzbel
  • Locked
  • Question
Connecting HVAC controller to network
Replies
0
Views
71
Luzbel
Luzbel
Skip Rango
  • Locked
  • Question
how to backup cisco sg500-52p switch
Replies
1
Views
101
madwok
madwok
PThomp3344
  • Locked
  • Question
Trying to connect to Cisco Unified Controller web interface: UC520W-16U-4FXO-K9
Replies
1
Views
90
bdk76
bdk76
WinstonCH
  • Locked
  • Helpful tip
What is wrong with the diagram, there are people who will help to fix it? How do i do the configurat
Replies
1
Views
87
BIS
BIS
DTGMI
  • Locked
  • Question
Moving from Juniper SRX-240 to Cisco ??
Replies
0
Views
61
DTGMI
DTGMI

Part and Inventory Search

Sponsor

Back
Top