
887VM - Port Forwarding not working

libbie-rose
Level 1

Hi, I'm setting up our 887 on our VDSL. I have got the connection sorted and I can get on the internet. I am having some issues though with my port forwarding, please see my config below.

Thank you in advance for your help. I'm sure I'm probably missing something simple, but I just can't see why it's not working. At the moment I'm just trying to do port 80 to 192.168.11.3:80.

Libbie :)

Router#sh run
Building configuration...

Current configuration : 2069 bytes
!
! Last configuration change at 07:38:36 UTC Tue Sep 13 2016
version 15.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 ********************************
enable password *****************
!
no aaa new-model
memory-size iomem 10
!
!
!
!
!
!


!
!
!
!
ip name-server 8.8.8.8
ip name-server 8.8.4.4
ip cef
no ipv6 cef
!
!
multilink bundle-name authenticated
license udi pid CISCO887VA-SEC-K9 sn FCZ1747C2WU
!
!
!
!
!
!
!
controller VDSL 0
!
!
!
!
!
!
!
!
!
!
interface Ethernet0
no ip address
!
interface Ethernet0.101
encapsulation dot1Q 101
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface ATM0
no ip address
shutdown
no atm ilmi-keepalive
!
interface FastEthernet0
no ip address
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
no ip address
!
interface FastEthernet3
no ip address
!
interface Vlan1
description LAN
ip address 192.168.11.249 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface Dialer1
description Dialer interface for VDSL
mtu 1492
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
ppp authentication pap chap ms-chap callin
ppp chap hostname ****************@b2bdsl
ppp chap password 0 ***************
ppp ipcp address accept
no cdp enable
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source list NAT interface Dialer1 overload
ip nat inside source static tcp 192.168.11.3 80 interface Dialer1 80
ip route 0.0.0.0 0.0.0.0 Dialer1
!
ip access-list extended NAT
permit ip 192.168.11.0 0.0.0.255 any
remark Access list for NAT
!
dialer-list 1 protocol ip permit
!
snmp-server community public RO
!
control-plane
!
!
!
line con 0
no modem enable
line aux 0
line vty 0 4
password ************
login
transport input all
!
!
end


Mark Malone
VIP Alumni

Hi Libbie

Please edit/remove your password from the post under the VTY, just in case.

Your static NAT looks correct and is applied under the correct interfaces.

What do you see in the show ip nat translations for this connection?

Hiya Mark,

Thanks for your quick response, I get the following

OK, so NAT looks to be working well, and I also see port 80 translations in there as well.

Are you able to HTTP to this IP locally without NAT?

Does that device have any firewall software on it, or strong AV software that may prevent connections?

If you remove the static NAT, does it work on the general NAT statement that everything else is working on?

I can get to 192.168.11.3:80 with no problems locally and it has been working on our old service, but if I try going to 88.215.5.151:80 locally I get "refused to connect"; if I do it from outside the connection times out.

When you say about removing the static NAT, which part do you mean? (Sorry, think I'm having a really blonde day today)

Thanks Libbie

Hi

So I was just wondering if it's something to do with the static itself, even though it looks fine.

You have 2 sets of NAT rules in place: 1 is a specific static for .3, but you also have the full subnet it belongs to in the overload statement.

As a test, remove this line just to see if overload picks it up instead (really you should be able to have both):

no ip nat inside source static tcp 192.168.11.3 80 interface Dialer1 80

Or another option: instead of using the dialer interface in the static NAT, change it to the actual IP and see if that works. These are just a couple of things I would try.

ip nat inside source static tcp 192.168.11.3 80 88.215.5.151 80

Thanks again Mark

But no joy, tried removing each of the NAT lines and putting in our public IP and still not working :(

Don't think it really means anything, but I can telnet onto the router from outside. Port 23 is the next port I need to forward to somewhere else, so gave it a try and no joy... making me think there is something wrong with the NAT setup

Libs 

Mark, do I need to add the dialer and FastEthernet3, which is connected to my network, to my vlan1? Could this be the issue?

Libbie

Hi

Dialer is a routed interface with a different subnet than vlan 1, so no, it cannot be part of it. You have static NAT set correctly as per the doc.

F3 is already part of vlan 1 by default, looking at your config, unless otherwise specified. You only require NAT inside on the vlan interface and outside on the dialer. If it wasn't set correctly, none of your NAT translations would be working; currently only the static is failing, as per the outputs you gave in show ip nat translations.

Configuring NAT to Redirect TCP Traffic to Another TCP Port or Address

NAT Router
interface ethernet 0 
 ip address 172.16.10.1 255.255.255.0
 ip nat inside

!--- Defines Ethernet 0 with an IP address and as a NAT inside interface.


interface serial 0
 ip address 200.200.200.5 255.255.255.252
 ip nat outside

!--- Defines serial 0 with an IP address and as a NAT outside interface.


ip nat inside source static tcp 172.16.10.8 8080 172.16.10.8 80

http://www.techrepublic.com/blog/data-center/configure-static-nat-for-inbound-connections/
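
Added example (not code from either poster or from Cisco): the check described in the reply above, that a static port-forward rule points at a host inside an `ip nat inside` subnet and at an interface marked `ip nat outside`, written as a small Python script. The sample config is a trimmed excerpt of the one posted in this thread; the function names and the regex are assumptions and cover only the static TCP forms seen here.

```python
import ipaddress
import re

# Constructed sample: a trimmed excerpt of the running config posted in the thread.
SAMPLE_CONFIG = """\
interface Vlan1
 ip address 192.168.11.249 255.255.255.0
 ip nat inside
!
interface Dialer1
 ip nat outside
!
ip nat inside source static tcp 192.168.11.3 80 interface Dialer1 80
"""

# Hypothetical helper names; the regex covers only the static TCP forms seen in the thread.
STATIC_RULE = re.compile(
    r"ip nat inside source static tcp (\S+) (\d+) (?:interface (\S+)|(\S+)) (\d+)")

def parse_interfaces(config):
    """Map interface name -> {'nat': 'inside'/'outside'/None, 'net': network or None}."""
    interfaces, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if line.startswith("interface "):
            current = interfaces.setdefault(line.split(None, 1)[1], {"nat": None, "net": None})
        elif line == "!" or current is None:
            current = None  # a "!" closes the interface block; global lines are skipped
        elif m := re.fullmatch(r"ip nat (inside|outside)", line):
            current["nat"] = m.group(1)
        elif m := re.fullmatch(r"ip address (\d+(?:\.\d+){3}) (\d+(?:\.\d+){3})", line):
            current["net"] = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}", strict=False)
    return interfaces

def check_static_nat(config):
    """Return a list of problems found in static TCP port-forward rules."""
    interfaces = parse_interfaces(config)
    inside = [i["net"] for i in interfaces.values() if i["nat"] == "inside" and i["net"]]
    problems = []
    for raw in config.splitlines():
        m = STATIC_RULE.match(raw.strip())
        if not m:
            continue
        local_ip, out_if = ipaddress.ip_address(m.group(1)), m.group(3)
        if not any(local_ip in net for net in inside):
            problems.append(f"{local_ip}: not in any 'ip nat inside' interface subnet")
        if out_if and interfaces.get(out_if, {}).get("nat") != "outside":
            problems.append(f"{out_if}: used by static rule but lacks 'ip nat outside'")
    return problems
```

An empty result only rules out a mismatch between the rule and the interface roles; it says nothing about the forwarded host or the rest of the path.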

Hi Mark, thanks for all your help.

I think I've sorted, the issue wasn't with the router, it was elsewhere on the network

Thanks again

Libbie 

Ah great, I was starting to think there may be an actual IOS version bug issue with static NAT, as your config looked grand
