10-15-2018 08:38 PM - edited 03-05-2019 10:59 AM
Hi, I want to port forward externally from dynamic IP WAN (interface 0) to internal ip's ports to allow/restrict access to ports. So my home box, is IP 192.168.0.10, port 22, or another entry 192.168.0.10 3389 etc.
Here is a config I am using now
At the moment I can only get to 22 on interface 0
Thanks for any help :)
Current configuration : 2043 bytes ! ! Last configuration change at 11:42:23 UTC Sun Oct 14 2018 by amadge ! version 15.0 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname magginoodles ! boot-start-marker boot-end-marker ! enable secret 5 $1$Zb/.$0Hkr1XdjmX4Wccx7r57vo/ enable password XXXXX ! no aaa new-model ! dot11 syslog ip source-route ! ip dhcp excluded-address 192.168.0.1 192.168.0.10 ! ip dhcp pool VLAN99 network 192.168.0.0 255.255.255.0 default-router 192.168.0.1 dns-server 203.0.178.191 203.215.29.191 lease 7 ! ip cef ip domain name sodor ip name-server 203.215.29.191 ip name-server 203.0.178.191 no ipv6 cef ! multilink bundle-name authenticated ! license udi pid CISCO1801/K9 sn FHK112719GH username XXXXX privilege 15 secret 5 $1$G5DV$iD/8Q0n1v68VF/.BX8gpv. ! interface ATM0 no ip address shutdown no atm ilmi-keepalive ! ! interface BRI0 no ip address encapsulation hdlc shutdown isdn point-to-point-setup ! ! interface FastEthernet0 ip address dhcp ip nat outside ip virtual-reassembly duplex auto speed auto ! ! interface FastEthernet1 switchport access vlan 99 ! ! interface FastEthernet2 switchport access vlan 99 ! ! interface FastEthernet3 shutdown ! ! interface FastEthernet4 shutdown ! interface FastEthernet5 shutdown ! ! interface FastEthernet6 shutdown ! ! interface FastEthernet7 shutdown ! ! interface FastEthernet8 shutdown ! ! interface Vlan1 no ip address shutdown ! ! interface Vlan99 ip address 192.168.0.1 255.255.255.0 ip nat inside ip virtual-reassembly ! ! ip forward-protocol nd no ip http server no ip http secure-server ! ! ip nat inside source route-map NAT interface FastEthernet0 overload ip route 0.0.0.0 0.0.0.0 FastEthernet0 dhcp ! access-list 1 permit 192.168.0.0 0.0.0.255 ! route-map NAT permit 10 match ip address 1 match interface FastEthernet0 ! ! control-plane ! ! line con 0 line aux 0 line vty 0 4 password XXXXX login local transport input ssh ! end
Solved! Go to Solution.
10-15-2018 09:01 PM
Hi
If you want to do port forwarding, the command will look like:
- for rdp:
ip nat inside source static tcp 192.168.0.10 3389 interface FastEthernet0 3389
- for ssh:
ip nat inside source static tcp 192.168.0.10 22 interface FastEthernet0 22
10-15-2018 09:01 PM
Hi
If you want to do port forwarding, the command will look like:
- for rdp:
ip nat inside source static tcp 192.168.0.10 3389 interface FastEthernet0 3389
- for ssh:
ip nat inside source static tcp 192.168.0.10 22 interface FastEthernet0 22
10-15-2018 09:22 PM
Thanks @Francesco Molino! worked perfectly
10-15-2018 09:31 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide