12-28-2004 05:14 PM - edited 03-02-2019 08:48 PM
Hi all,
I am a novice and I need some help. I have a 1700 router and I need to know what commands to give the router to point an external ip address to an internal ip address. We already have 3 external ip address pointing to 3 internal ip addresses. I need to point xxx.xxx.xxx.xxx to 192.168.1.252. I have no idea on how to do this and when I have finished inputting the commands into the router I do not know how to save the new configuration. Please help. My boss needs me to get this working! Please be as detailed as possible. I appreciate the help. You will be saving my butt.
Brian
12-29-2004 09:35 AM
I'm sorry I was mistaken. The NAT is being done with our PIX box. How do I add the fowarding of 65.170.13.91 to 192.168.1.252 allowing only port 25 through? Below is my Pix config:
PIX Version 5.1(2)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password xxx
passwd xxxx
hostname const1pix
fixup protocol ftp 21
fixup protocol http 80
fixup protocol h323 1720
fixup protocol rsh 514
fixup protocol smtp 25
fixup protocol sqlnet 1521
names
pager lines 24
logging on
no logging timestamp
no logging standby
no logging console
no logging monitor
no logging buffered
no logging trap
no logging history
logging facility 20
logging queue 512
interface ethernet0 auto
interface ethernet1 auto
mtu outside 1500
mtu inside 1500
ip address outside 65.170.x.x.x.255.248
ip address inside 192.168.1.1 255.255.255.0
arp timeout 14400
global (outside) 1 65.170.13.90
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
static (inside,outside) 65.170.x.x.x.1.254 netmask 255.255.255.255 0 0
static (inside,outside) 65.170.x.x.x.1.168 netmask 255.255.255.255 0 0
conduit permit icmp any any
conduit permit tcp host 65.170.13.91 eq smtp any
conduit permit tcp host 65.170.13.91 eq pop3 any
conduit permit tcp host 65.170.13.91 eq www any
conduit permit tcp host 65.170.13.92 eq 1494 any
conduit permit tcp host 65.170.13.91 eq ftp any
route outside 0.0.0.0 0.0.0.0 65.170.13.94 1
timeout xlate 3:00:00 conn 1:00:00 half-closed 0:10:00 udp 0:02:00
timeout rpc 0:10:00 h323 0:05:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
no snmp-server location
no snmp-server contact
snmp-server community grevnoc
no snmp-server enable traps
floodguard enable
isakmp identity hostname
telnet 192.168.1.0 255.255.255.0 inside
telnet timeout 5
terminal width 80
Cryptochecksum:xxxx
Thanks,
Brian
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide