05-09-2017 06:03 AM - edited 03-05-2019 08:30 AM
Hello togehter,
i was wondering if anybody could hint me to the right direction, been wondering if something like this is possible?
What i want to achieve.
I want different internal servers to be accessible from the internet but only on specified ports and only on one public address
Example
PUBLIC_IP1:6001->INTERNAL_IP1:6001
PUBLIC_IP1:6002->INTERNAL_IP1:6002
PUBLIC_IP1:80->INTERNAL_IP2:80
As this is an example is there a possibilty to define ranges that could be forwarded, in this example it is 2 ports to INTERNAL_IP1 and 1 to INTERNAL_IP2, but it could be possible that i would have define 100's of ports?
With kind regards
05-09-2017 10:53 AM
Karsten,
don't forget the 'extendable' keyword at the end of your NAT statements, which allows for multiple translations using the same address.
ip nat inside source static INTERNAL_IP1 6001 PUBLIC_IP1 6001 extendable
ip nat inside source static INTERNAL_IP1 6002 PUBLIC_IP1 6002 extendable
ip nat inside source static INTERNAL_IP1 80 PUBLIC_IP1 80 extendable
05-19-2017 05:51 AM
Hi Karsten Kemper,
Following is the sample configuration:-
ip nat inside source static tcp INTERNAL_IP1 6001 PUBLIC_IP1 6001
ip nat inside source static tcp INTERNAL_IP1 6002 PUBLIC_IP1 6002
ip nat inside source static tcp INTERNAL_IP2 80 PUBLIC_IP1 80
NOTE:- You may need to add extendable keyword in the end of above each statement but some router add it by itself if they see multiple connections coming from same source IP.
Make sure to allow the traffic in inbound ACL if any at WAN facing interface
Question2 :- As this is an example is there a possibilty to define ranges that could be forwarded, in this example it is 2 ports to INTERNAL_IP1 and 1 to INTERNAL_IP2, but it could be possible that i would have define 100's of ports?
Answer:- Yes, you need to add 100 NAT statements as i did for two ports in above sample configuration.
Please rate if this is helpful.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide