cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2248
Views
0
Helpful
7
Replies

How to Nat Multiple FTP Local Servers from one Single IP

Hari Kumar Raja
Level 1
Level 1

Dear Team,

I have a FTP server at my local network and i have natted the private IP with my Public IP using default FTP Port ( 21) , now i have created Diffrent FTP Account in my server using port 2121 and i am able to login using the private IP with port 2121 , now i want to nat with my public IP with port 2121 and i failed , can any one help me to fix this issue ASAP.

1) 125.x.x.x --------- 10.10.1.x : 21 ( Able to access from external network)

2) 125.x.x.x ---------- 10.10.1.x : 2121 ( not able to login from external network and able to login internally )

Please help me.

Thanks

Hari

7 Replies 7

Yadhu Tony
Level 1
Level 1

Hi Hari,

Post your NAT config. What is the output of 'sh ip nat translations' command?

Regards,
Tony

http://blog.yadhutony.com

Regards,
Tony

http://yadhutony.blogspot.com

Hi Tony,

Please find the nat details below , as informed you in my previous mail , i am able to access the ftp account using locally , i have natted the default ftp port 21 with public interface and i am able to login , when i change the port to 2121 i am able to login locally , but with public IP i cannot .

Nat from Original FTP Port : able to Login with public IP

(inside) to (outside) source static NAT_HOST_10.10.1.18_TCP_FTP HOST_125.62.xxx.xx service tcp ftp ftp

    translate_hits = 0, untranslate_hits = 0

I want to nat with same public IP but the port would be 2121

please let me know how i need to give a nat here and i am new for this subject.

Thanks

Hari

On a diffrent not the command " sh ip nat translations " is not working in my asa console.

Thanks

Hari

Hello

Entire configuration please

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Hi Hari,

OK. 'sh ip nat transaltion' will only work on routers.

In your NAT config ftp is port mapped to 21 and not to 2121. Inorder to work we need to mention port 2121.

Try this syntax:

object network 
 host 
 nat (inside,outside) static  service tcp  
[Hope you are using version 8.3 or latter.]

Here when hosts on the outside establish a connection to 125.62.x.x on TCP port 2121, It will be translated to       destination IP address 10.10.1.x on TCP       port 2121.

Also in your ACL mention port 2121. Let me know how it works.

Regards,
Tony

http://yadhutony.blogspot.com

Regards,
Tony

http://yadhutony.blogspot.com

Hi Tony,

I have tested the same but no luck .

Thanks

Hari

Please post the entire config.

Regards,
Tony

http://yadhutony.blogspot.com

Regards,
Tony

http://yadhutony.blogspot.com
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: