routing decision based on ports

rpalacio
Level 1

Is it possible for a router, say a 2600 series, to base its routing decision on the incoming ports used?

e.g.

1. If the incoming traffic is smtp/pop3, route it to the mail server with IP address X on the LAN

2. And if the incoming traffic is http, route it to the www server with IP address Y on the LAN

Both X and Y are on the Ethernet side of the router and have private addresses. The obvious purpose of which is to use a single public IP address, which is just on the serial side of the router, to allow both http and pop3/smtp access from the outside. The services are provided by the X and Y servers on the LAN.

thx.

4 Replies

jasyoung
Level 7

http://www.cisco.com/warp/public/556/9.html

Configure static NAT mappings on the router to direct traffic differently for different TCP ports. For instance:

ip nat inside source static tcp 10.0.0.2 25 200.14.15.2 25

ip nat inside source static tcp 10.0.0.2 110 200.14.15.2 110

ip nat inside source static tcp 10.0.0.3 80 200.14.15.2 80

Where 10.0.0.2 is your mailserver, 10.0.0.3 is your webserver, and 200.14.15.2 is your single public IP address.

For those of you who are looking for the documentation on this feature, this is called "Port Address Translation" and it works beautifully.

The only problem with PAT I ran into was actually on a PIX with 6.2. I found that I could not find a way to port map the PIX's outside interface to an internal Windows 2000 VPN server. The reason for this is that PAT only wants to work with TCP or UDP protocol ports, and the Windows 2000 VPN server needed a GRE protocol mapping. Thus I had to use a second global address for VPN port forwarding, by way of a statically mapped NAT address.

One of you will probably tell me that I could have done it some other way!
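Each static port mapping of the kind shown in the replies above publishes one inside service on the public address, so it is worth checking a configuration for mappings that change the port or that claim the same public port twice. The following is an added example, not code from any of the posters: the function names are hypothetical and the sample configuration is constructed, reusing the thread's example addresses.

```python
import re
from collections import defaultdict

# Form used in the thread:
#   ip nat inside source static {tcp|udp} <local-ip> <local-port> <global-ip> <global-port>
RULE = re.compile(
    r"^\s*ip nat inside source static (tcp|udp) "
    r"(\d+\.\d+\.\d+\.\d+) (\d+) (\d+\.\d+\.\d+\.\d+) (\d+)\b"
)

def parse_static_pat(config):
    """Return (proto, local_ip, local_port, global_ip, global_port) per rule."""
    rules = []
    for line in config.splitlines():
        m = RULE.match(line)
        if m:
            proto, lip, lport, gip, gport = m.groups()
            rules.append((proto, lip, int(lport), gip, int(gport)))
    return rules

def exposure(config):
    """Map each public (proto, ip, port) to the inside host and port it exposes."""
    return {(p, g, gp): (l, lp) for p, l, lp, g, gp in parse_static_pat(config)}

def audit(config):
    """Flag port-changing mappings and public sockets claimed by several rules."""
    findings = []
    by_public = defaultdict(list)
    for proto, lip, lport, gip, gport in parse_static_pat(config):
        by_public[(proto, gip, gport)].append((lip, lport))
        if lport != gport:  # may be intentional, but deserves a second look
            findings.append(f"port-rewrite {proto} {gip}:{gport} -> {lip}:{lport}")
    for (proto, gip, gport), targets in sorted(by_public.items()):
        if len(set(targets)) > 1:
            findings.append(f"conflict {proto} {gip}:{gport} -> {sorted(set(targets))}")
    return findings

# Constructed sample: two clean mail mappings plus two deliberate mistakes.
SAMPLE = """\
ip nat inside source static tcp 10.0.0.2 25 200.14.15.2 25
ip nat inside source static tcp 10.0.0.2 110 200.14.15.2 110
ip nat inside source static tcp 10.0.0.3 25 200.14.15.2 80
ip nat inside source static tcp 10.0.0.3 80 200.14.15.2 25
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

The `exposure` result doubles as the list of inside services reachable from outside, which is the set an inbound access list on the public interface should match.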

JORGE RODRIGUEZ
Level 10

Yes it is possible. One way I can think of is by implementing Policy-Based Routing.

http://www.cisco.com/warp/public/732/Tech/plicy_wp.htm

Jorge Rodriguez

Thx a lot... so this just means I can use multiple services hosted by different servers which are accessible from outside without availing multiple public IP addresses. What are the advantages of having a public IP address on each server as compared to using a public IP address only on the serial interface?
