cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2429
Views
5
Helpful
16
Replies

Portforwading with the same Port number to the same router on 2 different WAN interfaces

nwekechampion
Level 3
Level 3

Hi all,

 

Just wondering if this is possible on cisco.. doesn't seem to have worked for me.

 

I am trying to do some  Portforwading with the same Port number to the same router on 2 different WAN interfaces.

 

ip nat inside source static tcp 192.168.0.252 50000 interface Cellular0 50000

ip nat inside source static tcp 192.168.0.252 50000 interface Dialler2 50000  ==> not working, as cisco does not allow me to have 2 similar port numbers. So I can only have one of the above, not both. However, I would need both working as this is a failover config.

 

Thanks so much all.

 

 

16 Replies 16

Hello
This may be due to your own rtr by default creating arp aliases for each of the static nat statements public natted address, So then any arp request/replies from/to these hosts the router will be responding with the same mac address hence it could be why the rtr is complaining about duplicate address conflict with the dynamic route-map nat interface statements.

To negate this you could try and append the "no-alias" to your static nat statements, and then add a static arp entry for each public facing interface with it own mac-address.

sh arp | in 110.60.65.2|200.60.65.2
sh ip aliases


try this first
ip nat inside source static tcp 192.168.1.2 80 110.60.65.2 80 extendable
no-alias
ip nat inside source static tcp 192.168.1.2 80 200.60.65.2 80 extendable no-alias

if that doesn't t help then also add the following:
arp 110.60.65.2 axxx.xxx.xxx arpa ( mac address of public facing interface)
arp 200.60.65.2 bxxx.xxx.xxx arpa ( mac address of public facing interface)


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Hi Paul,

Thanks so much for your reply.

Not necessarily though, I made a mistake in the nat statement. My statement was pointing to the next hop address, instead of the addresses of the WAN interfaces themselves:
So in my case all I did was put the following:

ip nat inside source static tcp 192.168.1.2 80 110.60.65.1 80 extendable
ip nat inside source static tcp 192.168.1.2 80 200.60.65.1 80 extendable


So basically changed from .2 ==> .1 on the WAN ip address statement.

Many thanks Paul for your help