Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
373
Views
5
Helpful
2
Replies

Multiple internal adresses and one external adresses

Karsten Kemper
Level 1
Level 1

‎05-09-2017 06:03 AM - edited ‎03-05-2019 08:30 AM

Hello togehter,

i was wondering if anybody could hint me to the right direction, been wondering if something like this is possible?

What i want to achieve.

I want different internal servers to be accessible from the internet but only on specified ports and only on one public address

Example

PUBLIC_IP1:6001->INTERNAL_IP1:6001

PUBLIC_IP1:6002->INTERNAL_IP1:6002

PUBLIC_IP1:80->INTERNAL_IP2:80

As this is an example is there a possibilty to define ranges that could be forwarded, in this example it is 2 ports to INTERNAL_IP1 and 1 to INTERNAL_IP2, but it could be possible that i would have define 100's of ports?

With kind regards

Labels:
0 Helpful
2 Replies 2

Georg Pauwen
VIP
VIP

‎05-09-2017 10:53 AM

Karsten,

don't forget the 'extendable' keyword at the end of your NAT statements, which allows for multiple translations using the same address.

ip nat inside source static INTERNAL_IP1 6001 PUBLIC_IP1 6001 extendable

ip nat inside source static INTERNAL_IP1 6002 PUBLIC_IP1 6002 extendable

ip nat inside source static INTERNAL_IP1 80 PUBLIC_IP1 80 extendable

0 Helpful

singhkulbir29881
Level 1
Level 1

‎05-19-2017 05:51 AM

Hi Karsten Kemper,

Following is the sample configuration:-

ip nat inside source static tcp INTERNAL_IP1 6001 PUBLIC_IP1 6001

ip nat inside source static tcp INTERNAL_IP1 6002 PUBLIC_IP1 6002

ip nat inside source static tcp INTERNAL_IP2 80 PUBLIC_IP1 80

NOTE:- You may need to add extendable keyword in the end of above each statement but some router add it by itself if they see multiple connections coming from same source IP.

Make sure to allow the traffic in inbound ACL if any at WAN facing interface

Question2 :- As this is an example is there a possibilty to define ranges that could be forwarded, in this example it is 2 ports to INTERNAL_IP1 and 1 to INTERNAL_IP2, but it could be possible that i would have define 100's of ports?

Answer:- Yes, you need to add 100 NAT statements as i did for two ports in above sample configuration.

Please rate if this is helpful.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card