Re: Cisco C1116 Port Forwarding From Outside to Inside

DmitriyG · ‎06-09-2022

Hi,

How can I access host in Inside network via Outside External IP address. It did not work with the normal nat rule (e.g. ip nat inside source static tcp 192.168.1.17 443 20.0.20.23 4443).
I need external static IP e.g. 20.0.20.23:4443 -> 192.168.1.17:443
Gigabitethernet0/0/0(Outside):20.0.20.23
VLAN1:192.168.1.250
Device on the intranet: 192.168.1.17

can someone recommend something?

Many Thanks

Dmytro

Flavio Miranda · ‎06-09-2022

Hi

This is usually called Port forwarding. We can find this feature in small router, home routers, but not sure if possible on this. You can also use NAT but on this case would be in the opposite direction.

Instead "ip nat inside source" you should use "ip nat outside source "

Need to be tested on this particular router.

https://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/13773-2.html

paul driver · ‎06-09-2022

Hello

to do this you will require to hairpin the network translation.

The most simplistic way if your rtr support it is to use NVI nat (domain less nat no inside /outside domains)

example: access to internal web server on port 80

int x//x
description lan
no ip nat inside
ip nat enable

nt x//x
description wan
no ip nat outside
ip nat enable

ip ant source static tcp 192,158.1.10 80 interface x/x 80

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul