I have an 827 ADSL router connected to my DSL service provider. Before I had this router, I had a Linksys router providing all the NAT and port forwarding functions. Right now I have NAT configured for all my internal computers to translate to my static ISP-provided IP address. And I also have NAT translating outside requests for TCP port 80 to my internal web server. This works well except that the web server has a firewall and blocks the request because the source address is an outside address (Internet). I remember on the old Linksys router, the firewall would not block this request because it looked like a request from the Ethernet or internal IP address. Maybe this is a security flaw with Linksys products, but I was wondering if anyone has a suggestion for me to get around the problem. Below is the configuration on the router, minus secure information:
interface Ethernet0
 ip address 192.168.0.1 255.255.255.0
 ip nat inside
!
interface ATM0
 ip address X.X.X.1 255.255.252.0
 ip nat outside
!
ip nat inside source list 101 interface ATM0 overload
ip nat inside source static tcp 192.168.0.254 80 X.X.X.1 80 extendable
!
access-list 101 permit ip 192.168.0.0 0.0.0.255 any
Also, does anyone have any experience with adding access lists and ip inspect commands in this configuration without preventing the outside connections from getting to the internal web server?
Thanks for any help!
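
An added example, not part of the original post: one way to layer an inbound access list and `ip inspect` (CBAC) onto the configuration above while keeping the TCP 80 forward reachable. It assumes an IOS image with the firewall feature set; the inspection rule name `FW` and ACL number 111 are chosen for this example, and `X.X.X.1` is the poster's masked address.

```cisco
! Added example. FW and 111 are names chosen here, not from the post.
!
! Inspect sessions that inside hosts open toward the Internet so that
! their return traffic is let back in through temporary ACL openings.
ip inspect name FW tcp
ip inspect name FW udp
ip inspect name FW ftp
!
interface ATM0
 ip address X.X.X.1 255.255.252.0
 ip nat outside
 ! Filter everything arriving from the Internet
 ip access-group 111 in
 ! Track sessions leaving through this interface
 ip inspect FW out
!
! An inbound ACL on the NAT outside interface is checked BEFORE the
! static translation is applied, so the permit must match the public
! address X.X.X.1 and not the inside address 192.168.0.254.
access-list 111 permit tcp any host X.X.X.1 eq www
!
! ICMP replies to pings and traceroutes started from inside. Older
! CBAC releases do not inspect ICMP, so these are permitted explicitly.
access-list 111 permit icmp any host X.X.X.1 echo-reply
access-list 111 permit icmp any host X.X.X.1 time-exceeded
access-list 111 permit icmp any host X.X.X.1 unreachable
!
! Everything else unsolicited is dropped and logged.
access-list 111 deny ip any any log
!
! Checks after applying:
!   show ip inspect sessions   (active outbound sessions being tracked)
!   show access-lists 111      (hit counters on the www permit and deny)
```

Requests forwarded to 192.168.0.254 still arrive with their original Internet source address, so the web server's own firewall has to permit TCP 80 from outside sources as well.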