cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1866
Views
5
Helpful
3
Replies

Port forward DHCP WAN interface

magginoodles
Level 1
Level 1

Hi, I want to port forward externally from dynamic IP WAN (interface 0) to internal ip's ports to allow/restrict access to ports. So my home box, is IP 192.168.0.10, port 22, or another entry 192.168.0.10 3389 etc.

Here is a config I am using now

 

At the moment I can only get to 22 on interface 0 

 

Thanks for any help :)

 

Current configuration : 2043 bytes
!
! Last configuration change at 11:42:23 UTC Sun Oct 14 2018 by amadge
!
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname magginoodles
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$Zb/.$0Hkr1XdjmX4Wccx7r57vo/
enable password XXXXX
!
no aaa new-model
!
dot11 syslog
ip source-route
!
ip dhcp excluded-address 192.168.0.1 192.168.0.10
!
ip dhcp pool VLAN99
   network 192.168.0.0 255.255.255.0
   default-router 192.168.0.1
   dns-server 203.0.178.191 203.215.29.191
   lease 7
!
ip cef
ip domain name sodor
ip name-server 203.215.29.191
ip name-server 203.0.178.191
no ipv6 cef
!
multilink bundle-name authenticated
!
license udi pid CISCO1801/K9 sn FHK112719GH
username XXXXX privilege 15 secret 5 $1$G5DV$iD/8Q0n1v68VF/.BX8gpv.
!
interface ATM0
 no ip address
 shutdown
 no atm ilmi-keepalive
 !
!
interface BRI0
 no ip address
 encapsulation hdlc
 shutdown
 isdn point-to-point-setup
 !
!
interface FastEthernet0
 ip address dhcp
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
 !
!
interface FastEthernet1
 switchport access vlan 99
 !
!
interface FastEthernet2
 switchport access vlan 99
 !
!
interface FastEthernet3
 shutdown
 !
!
interface FastEthernet4
 shutdown
 !
interface FastEthernet5
 shutdown
 !
!
interface FastEthernet6
 shutdown
 !
!
interface FastEthernet7
 shutdown
 !
!
interface FastEthernet8
 shutdown
 !
!
interface Vlan1
 no ip address
 shutdown
 !
!
interface Vlan99
 ip address 192.168.0.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 !
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source route-map NAT interface FastEthernet0 overload
ip route 0.0.0.0 0.0.0.0 FastEthernet0 dhcp
!
access-list 1 permit 192.168.0.0 0.0.0.255
!
route-map NAT permit 10
 match ip address 1
 match interface FastEthernet0
 !
!
control-plane
 !
!
line con 0
line aux 0
line vty 0 4
 password XXXXX
 login local
 transport input ssh
!
end
1 Accepted Solution

Accepted Solutions

Francesco Molino
VIP Alumni
VIP Alumni

Hi

 

If you want to do port forwarding, the command will look like: 

 

- for rdp:

ip nat inside source static tcp 192.168.0.10 3389 interface FastEthernet0 3389

 

- for ssh:

ip nat inside source static tcp 192.168.0.10 22 interface FastEthernet0 22

 

 


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

3 Replies 3

Francesco Molino
VIP Alumni
VIP Alumni

Hi

 

If you want to do port forwarding, the command will look like: 

 

- for rdp:

ip nat inside source static tcp 192.168.0.10 3389 interface FastEthernet0 3389

 

- for ssh:

ip nat inside source static tcp 192.168.0.10 22 interface FastEthernet0 22

 

 


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Thanks @Francesco Molino! worked perfectly

You're welcome

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
Review Cisco Networking for a $25 gift card