Newbie port forwarding question

federico_tv · ‎10-22-2015

In order to forward a single port/protocol from WAN to a host inside the LAN and ALL the remaining ports and protocols to another host inside the LAN, can i use these two commands in this order ? :

ip nat inside source static <protocol> <host#1_IP> <port> interface <wan_interface> <port>

ip nat inside source static <host#2_IP> interface <wan_interface>

i.e.

wan=eth2

all ports and protocols transaprent to 192.168.1.1 but port 8080 tcp to 192.168.1.100

ip nat inside source static tcp 192.168.1.100 8080 interface eth2 8080

ip nat inside source static 192.168.1.1 interface eth2

Thank you

yogeshbb11 · ‎10-27-2015

hello federico,

ip nat inside source static tcp 192.168.1.100 8080 interface eth2 8080 extendable

this will work for port forwarding

remove ,ip nat inside source static 192.168.1.1 interface eth2

and create access list,

access-list 1 permit 192.168.1.0 0.0.0.255 any

ip nat inside source list 1 interface eth2 overload

note,define inside and outside interface

by "ip nat inside" & "ip nat outside " command

Thanks & regards,

YOGESH BHAVSAR

“Spooster IT Services

federico_tv · ‎10-29-2015

Thanks for reply

Ok this works for basic port forwarding, , on port 8080 in this case to a single host

But what I really need is to forward any port and any protocol from WAN to a single host (192.168.1.1 in the example) EXCEPT the only port 8080 that has to be forwarded to 192.168.1.100

To make the whole WAN transparent to a single host I have always used the line :

ip nat inside source static 192.168.1.1 interface eth2

I was aksing if inserting a common portforwarding rule before of this one , it would work ...