Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
631
Views
0
Helpful
5
Replies

How to configure internal Server port translate on cEdge ?

Go to solution
Rps-Cheers
VIP
VIP

‎01-20-2022 02:17 AM

Hello,

We need configure end user internal server tcp443 port translate to cEdge interface tcp 4433 (there is only one public ip address), how to do it ?

 

The same commands of IOS:

 ip nat outside
 ip nat inside
ip nat inside source static tcp 172.16.x.x 443 100.1.1.1 4433 extendable
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rps-Cheers
VIP
VIP
In response to Flavio Miranda

‎01-20-2022 06:07 PM

I think you misunderstood what I meant. I want to map the internal server's port mirroring to another TCP port on the router's public network interface on the router. Instead of modifying the ports for the default protocol on the router, and this is an Edge device in SDWAN, not a traditional IOS router configuration.
I confirmed with Cisco that cEdge will not support this function for the time being, and it needs to be supported in a later version. Currently vEdge should support this feature.
Anyway, thanks for your help, thanks.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Flavio Miranda
VIP
VIP

‎01-20-2022 07:49 AM

Hi

 What you need is called PAT (Port address translation) where you keep one IP address and  differentiate services buy TCP ports.

The question I have is, where are you going to apply this PAT? It will be on the Router itself?

 

 

0 Helpful

Go to solution
Rps-Cheers
VIP
VIP
In response to Flavio Miranda

‎01-20-2022 03:37 PM

Yes,its PAT.

In addition to doing it on the edge, can it be done on other devices? (Only one edge has no other devices, the switch connected downstream the edge)

Do you know how to configure?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !
0 Helpful

Go to solution
Flavio Miranda
VIP
VIP
In response to Rps-Cheers

‎01-20-2022 05:04 PM

Well, PAT or NAT requires one interface to be inside and one interface to be outside. I mean, the device that perform NAT/PAT is meant to be before the target device. If I understude you well, you want to perform NAT but you have only the router itself. I dont think it is possible.

 What  you can do is change HTTPS port from 443 to 4443 internaly.

 

conf t

ip http sercure-port 4443

 

 

0 Helpful

Go to solution
Rps-Cheers
VIP
VIP
In response to Flavio Miranda

‎01-20-2022 06:07 PM

I think you misunderstood what I meant. I want to map the internal server's port mirroring to another TCP port on the router's public network interface on the router. Instead of modifying the ports for the default protocol on the router, and this is an Edge device in SDWAN, not a traditional IOS router configuration.
I confirmed with Cisco that cEdge will not support this function for the time being, and it needs to be supported in a later version. Currently vEdge should support this feature.
Anyway, thanks for your help, thanks.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !
0 Helpful

Go to solution
Rps-Cheers
VIP
VIP

‎01-20-2022 06:48 PM

Port-Forwarding from Transport VPN to Service VPN not availble on cedge but available on vedge.
CSCvx65075
Description
Symptom: Port-Forwarding is not supported on cedge devices and missing basic functionality which for users having webserver in Service VPN cannot connect from Internet. Conditions: Not supported feature. Workaround: NA Further Problem Description: Scenario : Internet -> cEdge VPN0 public IP TCP port 80 -> VPN10 local IP 192.168.10.5 TCP port 80. In case we have public IP address at the VPN0 interface of my ISR router with RFC1918 IP addresses for VPN1, like 192.168.1.0/24. There is a web server in VPN1, for example 192.168.1.100. we cannot forward TCP ports 80 and 443 from outside public IP to this web server. This web server should be accessible from the Internet.(this is supported in vedge)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents