
This script helps fix a bug in Cisco IOS present in many (if not all) versions from 12.4 to 15.1 when using NVI, PAT, and a dynamically assigned global IP address.

BACKGROUND:

NVI (NAT Virtual Interface) has certain advantages over traditional NAT; for one, it can perform REVERSE PORT TRANSLATION.

Reverse PAT lets you reach an internal server from the LAN using the GLOBAL IP address and port.

 

To configure NVI, replace the classic NAT commands with their NVI equivalents:

In interface configuration mode, replace ip nat outside or ip nat inside with ip nat enable.

In global configuration mode, replace ip nat inside source static a.b.c.d xx int fa0 yy with ip nat source static a.b.c.d xx int fa0 yy.

In global configuration mode, replace ip nat inside source route-map NAT_MAP interface Dialer1 overload with ip nat source route-map NAT_MAP interface Dialer1 overload.

Now, you should be able to access your web server from the LAN using the GLOBAL IP ADDRESS.
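The three substitutions above, applied mechanically to a configuration text. This is an added example, not the script this post refers to; the function names and the sample configuration are constructed for illustration.

```python
import re

# Classic interface marker: "ip nat inside" or "ip nat outside" alone on the line.
_IFACE = re.compile(r"^(\s*)ip nat (?:inside|outside)\s*$")
# Classic global rule: "ip nat inside source ..." (static or route-map/overload).
_GLOBAL = re.compile(r"^(\s*)ip nat inside source (.+?)\s*$")


def nvi_equivalent(line):
    """Return the NVI form of one classic NAT line, or None if it is not one."""
    m = _IFACE.match(line)
    if m:
        return m.group(1) + "ip nat enable"
    m = _GLOBAL.match(line)
    if m:
        return m.group(1) + "ip nat source " + m.group(2)
    return None


def find_legacy_nat(config):
    """List (line_number, classic_line, nvi_line) for every classic NAT statement."""
    hits = []
    for number, line in enumerate(config.splitlines(), start=1):
        nvi = nvi_equivalent(line)
        if nvi is not None:
            hits.append((number, line.strip(), nvi.strip()))
    return hits


def to_nvi(config):
    """Rewrite a configuration text so classic NAT statements use the NVI form."""
    return "\n".join(nvi_equivalent(l) or l for l in config.splitlines())


# Constructed sample configuration (not taken from a real router).
SAMPLE = """\
interface FastEthernet0
 ip nat inside
!
interface Dialer1
 ip nat outside
!
ip nat inside source static tcp 192.168.1.10 80 interface Dialer1 80
ip nat inside source route-map NAT_MAP interface Dialer1 overload
"""

if __name__ == "__main__":
    for number, legacy, nvi in find_legacy_nat(SAMPLE):
        print(f"line {number}: {legacy!r} -> {nvi!r}")
```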

 

Where the script comes in:

This is GREAT, right?! Not so if you have a dynamic IP address, because as soon as the router reboots, it will start up, and the NAT entries will be classical NAT entries instead of NVI entries. This breaks "port forwarding" in general, so I wrote a script to re-enter the statements as soon as the interface is placed in up status. I'm just going to leave this here, and if anybody needs help feel free to ask.

(BTW, you can tell this is happening to you if you have ip nat source static ... statements visible in the output of show ip nat translations instead of show ip nat nvi translations.)

 

Save it, and copy it to the router. Look inside the file for how to configure IOS to use the script.

 

Good Luck!
