10-22-2015 07:19 AM - edited 03-05-2019 02:34 AM
In order to forward a single port/protocol from WAN to a host inside the LAN and ALL the remaining ports and protocols to another host inside the LAN, can i use these two commands in this order ? :
ip nat inside source static <protocol> <host#1_IP> <port> interface <wan_interface> <port>
ip nat inside source static <host#2_IP> interface <wan_interface>
i.e.
wan=eth2
all ports and protocols transaprent to 192.168.1.1 but port 8080 tcp to 192.168.1.100
ip nat inside source static tcp 192.168.1.100 8080 interface eth2 8080
ip nat inside source static 192.168.1.1 interface eth2
Thank you
10-27-2015 12:37 AM
hello federico,
ip nat inside source static tcp 192.168.1.100 8080 interface eth2 8080 extendable
this will work for port forwarding
remove ,ip nat inside source static 192.168.1.1 interface eth2
and create access list,
access-list 1 permit 192.168.1.0 0.0.0.255 any
ip nat inside source list 1 interface eth2 overload
note,define inside and outside interface
by "ip nat inside" & "ip nat outside " command
Thanks & regards,
YOGESH BHAVSAR
“Spooster IT Services
10-29-2015 12:46 AM
Thanks for reply
Ok this works for basic port forwarding, , on port 8080 in this case to a single host
But what I really need is to forward any port and any protocol from WAN to a single host (192.168.1.1 in the example) EXCEPT the only port 8080 that has to be forwarded to 192.168.1.100
To make the whole WAN transparent to a single host I have always used the line :
ip nat inside source static 192.168.1.1 interface eth2
I was aksing if inserting a common portforwarding rule before of this one , it would work ...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide