09-20-2012 01:36 PM - edited 03-04-2019 05:38 PM
Hello,
We have a very weird issue:
We own several public IP addresses. When we have a service that needs public internet access, we just create a NAT rule that points from one of our public IP addresses to the server in our LAN where the service resides. This NAT rule specifies the port on which it should be accepting traffic.
The problem came when we discovered that one of our public IPs is routing HTTP traffic to our printer's web server. I've double-checked and I don't find any NAT rule that would allow this traffic to reach our printer from this address. So, why does this happen?
Any suggestions?
TY
09-20-2012 03:12 PM
Can you post your nat config?
Sent from Cisco Technical Support iPhone App
09-21-2012 06:29 AM
Hello, thanks for answering. Here are my nat rules:
ip nat pool desarrollos *.*.*.* *.*.*.*.* prefix-length 29
ip nat inside source list 7 pool desarrollos overload
ip nat inside source static tcp 172.16.16.125 8000 *.*.*.* 8000 extendable
ip nat inside source static tcp 172.16.16.125 8003 *.*.*.* 8003 extendable
ip nat inside source static tcp 172.16.16.125 8004 *.*.*.* 8004 extendable
ip nat inside source static tcp 172.16.16.125 8006 *.*.*.* 8006 extendable
ip nat inside source static tcp 172.16.16.125 8007 *.*.*.* 8007 extendable
ip nat inside source static tcp 172.16.16.125 8080 *.*.*.* 8080 extendable
ip nat inside source static tcp 172.16.16.127 443 *.*.*.* 443 extendable
ip nat inside source static tcp 172.16.16.127 8080 *.*.*.* 8080 extendable
ip nat inside source static tcp 172.16.16.127 8081 *.*.*.* 8081 extendable
ip nat inside source static tcp 172.16.16.167 8084 *.*.*.* 8084 extendable
ip nat inside source static tcp 172.16.16.127 8083 *.*.*.* 8083 extendable
ip nat inside source static tcp 172.16.16.127 8586 *.*.*.* 8586 extendable
ip nat inside source static tcp 172.16.16.122 80 *.*.*.* 80 extendable
ip nat inside source static tcp 172.16.16.122 443 *.*.*.* 443 extendable
ip nat inside source static udp 172.16.16.124 1194 *.*.*.* 1194 extendable
Note that I only have one port 80 rule, and it's not pointing to my printer.
Do you need any more info?
Thanks again.
09-21-2012 06:33 AM
That's interesting. Do you have a printer mapped with a static nat translation? Can you do "show ip nat trans | inc
09-21-2012 06:43 AM
Sure:
show ip nat trans | inc 172.16.16.34
tcp A.A.A.A:80 172.16.16.34:80 190.6.62.86:40230 190.6.62.86:40230
tcp A.A.A.A:80 172.16.16.34:80 190.6.62.86:40234 190.6.62.86:40234
--- A.A.A.A 172.16.16.34 --- ---
Mmmm, what does this mean? It clearly shows that it is NATing the A.A.A.A address to my printer (172.16.16.34), but why? :-/
Note: A.A.A.A is the public address that points to my printer web portal, as I said in the first post.
By the way, I don't know what that 190.6.62.86 address is...
Thanks again.
09-21-2012 06:52 AM
Name: host-190-6-62-86.NET-UNO.NET
Address: 190.6.62.86
Is your printer web portal mapped to one of the outgoing IPs in the pool by chance?
09-21-2012 07:11 AM
Not that I'm aware of... how can I check that?
09-21-2012 07:15 AM
Do a "sh run | inc ip nat pool". If the public address that your printer is NATting to is in that pool, I'm going to assume that someone was able to connect to it before the translation expired.
Do you have an ACL on your outside interface to allow traffic into your network only to the IPs that you have configured for static NAT? You should....
09-21-2012 09:10 AM
Well, I did a "sh run | inc ip nat pool" and yes, the IP address is included in this pool. What does it mean?
09-21-2012 09:25 AM
My first thought is that your printer's web server went out to the web and had the address mapped. Once that happened, someone connected to the mapped IP address and it never timed out. Can you answer the other question: do you have an ACL on your outside interface?
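As an added example (not from the thread or from Cisco), here is a Python check that applies the reasoning in the replies above to "show ip nat translations" output: it reads the explicit static rules from the config, then flags any translation that exposes an inside host the statics do not cover, either a simple "---" entry (any outside host can reach the inside address on any port until it times out) or an extended entry whose inside-global port is a server port on a dynamic pool address. The config and translation table are constructed samples modelled on the thread, with 203.0.113.x / 198.51.100.x documentation addresses standing in for the redacted public IPs; the set of server ports is taken from the poster's static rules.

```python
import re

# Constructed sample config and "show ip nat translations" output, modelled on
# the thread; 203.0.113.x / 198.51.100.x are documentation placeholders.
NAT_CONFIG = """\
ip nat pool desarrollos 203.0.113.8 203.0.113.15 prefix-length 29
ip nat inside source list 7 pool desarrollos overload
ip nat inside source static tcp 172.16.16.122 80 203.0.113.9 80 extendable
ip nat inside source static tcp 172.16.16.122 443 203.0.113.9 443 extendable
"""
NAT_TRANSLATIONS = """\
Pro Inside global      Inside local       Outside local      Outside global
tcp 203.0.113.9:80     172.16.16.122:80   198.51.100.7:5123  198.51.100.7:5123
tcp 203.0.113.10:80    172.16.16.34:80    198.51.100.7:40230 198.51.100.7:40230
--- 203.0.113.10       172.16.16.34       ---                ---
tcp 203.0.113.10:52044 172.16.16.34:52044 198.51.100.9:80    198.51.100.9:80
"""
STATIC_RE = re.compile(r"ip nat inside source static (tcp|udp) (\S+) (\d+) (\S+) (\d+)")
# Ports the thread deliberately exposes through static rules.
SERVER_PORTS = {80, 443, 8000, 8080, 8081, 8083, 8084, 8586, 1194}

def static_mappings(config):
    """Return {(proto, global_ip, global_port): local_ip} for explicit static rules."""
    return {(m[0], m[3], int(m[4])): m[1] for m in STATIC_RE.findall(config)}

def split_addr(field):
    ip, _, port = field.partition(":")
    return ip, (int(port) if port else None)

def find_exposures(config, translations):
    """Flag translations that expose an inside host without a matching static rule."""
    statics = static_mappings(config)
    findings = []
    for line in translations.splitlines()[1:]:  # skip the column header
        proto, ig, il, _ol, og = line.split()
        ig_ip, ig_port = split_addr(ig)
        il_ip, _ = split_addr(il)
        if proto == "---":
            # Simple entry: the whole inside host is reachable via the pool address.
            findings.append((ig_ip, il_ip, "simple entry: any port reachable from outside"))
        elif ig_port in SERVER_PORTS and (proto, ig_ip, ig_port) not in statics:
            # Outside-initiated session that landed on a dynamic pool address.
            findings.append((ig_ip, il_ip, f"inbound {proto}/{ig_port} on pool address from {og}"))
    return findings

if __name__ == "__main__":
    for finding in find_exposures(NAT_CONFIG, NAT_TRANSLATIONS):
        print(*finding)
```

The outbound printer session on port 52044 is left alone; only the two entries that let 198.51.100.7 reach the printer's web server through the pool address are reported.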