Re: redirect tcp port

brian · ‎07-15-2004

I have 7206 router 12.2(15)T10. Example, how can I redirect any traffic hit a host (outside firewall) tcp port 25 to redirect to tcp port 26?

m.lammerse · ‎07-15-2004

I'm not sure I understand your question correctly, but here goes. If you have a router with two interfaces and you want traffic directing to port 25 hitting the outside interface be redirected to an inside address on a different port, use the following config:

Port Static NAT

ip nat inside source {static {tcp | udp {local-ip local-port global-ip global-port | interface global-port}} [extendable | mapping-id map-id | no-alias | no-payload | redundancy group-name | route-map | vrf name

i.e.

interface Ethernet0

ip nat inside

!

interface Ethernt1

ip nat outside

!

ip nat inside source static tcp 26 Ethernet1 25

!

http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_command_reference_chapter09186a0080238b73.html#wp1144598

brian · ‎07-16-2004

sorry for the confusion, I'll give a more detail scenario. example:

I'm using only 1 ethernet port on the router without NATing. The host is connect to the router's eth0 via crossover cable. The router's IP 192.168.1.1 and the host's IP 192.168.1.10. Whenever traffic hit 192.168.1.10 tcp/25, the router should redirect to tcp/30 on host 192.168.1.10.

m.lammerse · ‎07-17-2004

Hi Brian,

this can not be accomplished with a single ethernet interface. You will have to do some sort of NAT, which requires two interfaces.

Presumably, the router's 192.168.1.1 and the host's 192.168.1.10 are in the same subnet. This means that the router would never be able to influence traffic destined for the host, since the host is on a directly connected network.