Re: CISCO1941/K9 IOS 15.0 UDP Port Range 10,000-20,0000 Port Forwarding

MutondoSitemba9893 · ‎03-12-2020

Hi,

I tried this on a cisco 1941 and got not joy, one work around i did get to work not entirely correctly was the below:

ip nat inside source static [Local IP Address] [Wan IP Address] route-map PORTFWD

route-map PORTFWD permit 100
match ip address 100

access-list 100 permit udp any any range 10000 20000

The problem with this configuration is that all udp ports are being forwarded to [Local IP Address] instead of the specified range, any thoughts ?

Georg Pauwen · ‎03-12-2020

Hello,

check if your IOS supports port maps. Below is a generic example:

access-list 1 permit local_ip_address
!
ip nat portmap UDP_RANGE
appl udp-rtp startport 9600 size 10880
!
ip nat inside source list 1 interface GigabitEthernet 0/0 overload portmap UDP_RANGE

MutondoSitemba9893 · ‎03-13-2020

Hi

Just tried this but no joy, no ports are being forwarded to the local IP address.

Cristian Matei · ‎03-13-2020

Hi,

The route-map i used for policy NAT, and although in the ACL you use TCP/UDP, these are ignored, you should use IP based statements in the route-map. As the IOS NAT configuration does not allow you to configure range of ports for your NAT statement, your bet option is to leave it as static NAT (without the route-map) and have an inbound ACL configured which actually restart access to the port range of 10000-20000.

Regards,

Cristian Matei.