Solved: I just asked a friend to try

mquevedob · ‎12-16-2014

Hi,

I am trying to NAT a service from the internet to an internal server IP and port

my Public IP is xxx.xxx.xxx.166 port 8181 and my private IP is the 192.168.3.150 port 8181

here is my config

Current configuration : 2763 bytes
!
! Last configuration change at 21:18:22 UTC Tue Dec 16 2014
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname hrc_r01
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
ip cef
!
!
!
ip dhcp excluded-address 10.10.7.1 10.10.7.10
ip dhcp excluded-address 192.168.2.1
!
ip dhcp pool VLAN7
network 10.10.7.0 255.255.255.0
default-router 10.10.7.1
dns-server 10.10.7.1
!
ip dhcp pool VLAN3
network 192.168.2.0 255.255.255.0
default-router 192.168.2.1
dns-server 192.168.2.1
!
!
!
ip domain name hrc.com.py
ip name-server 190.104.163.57
ip name-server 200.3.250.1
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
license udi pid CISCO1921/K9 sn FGL1834240J
!
!
username xxxxxx privilege 15 password 0 xxxxxx
!
redundancy
!
!
!
!
!
ip ssh version 2
!
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description LAN
no ip address
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/0.3
encapsulation dot1Q 3
ip address 192.168.2.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/0.7
encapsulation dot1Q 7
ip address 10.10.7.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/0.8
encapsulation dot1Q 8
ip address 192.168.3.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/0.9
encapsulation dot1Q 9
ip address 192.168.4.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/1
description WAN
ip address xxx.xxx.xxx.166 255.255.255.252
ip nat outside
no ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/0/0
no ip address
!
interface GigabitEthernet0/0/1
no ip address
!
interface GigabitEthernet0/0/2
no ip address
!
interface GigabitEthernet0/0/3
no ip address
!
interface Vlan1
no ip address
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip dns server
ip nat inside source list 1 interface GigabitEthernet0/1 overload
ip nat inside source static tcp 192.168.3.150 8181 xxx.xxx.xxx.166 8181 extendable
ip route 0.0.0.0 0.0.0.0 190.104.170.165
!
access-list 1 permit 10.10.7.0 0.0.0.255
access-list 1 permit 192.168.2.0 0.0.0.255
access-list 1 permit 192.168.3.0 0.0.0.255
access-list 1 permit 192.168.4.0 0.0.0.255
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
login local
transport input all
line vty 5 15
login local
transport input all
!
scheduler allocate 20000 1000
!
end

vishal vyas · ‎12-16-2014

if you are trying to access from inside network, you need to use

http://192.168.3.150/8181

View solution in original post

Reza Sharifi · ‎12-16-2014

Hi,

Your config looks correct.

HTH

mquevedob · ‎12-16-2014

I also tried

ip nat inside source static tcp 192.168.3.150 8181 interface GigabitEthernet0/1 8181

but it didnt work either

mquevedob · ‎12-16-2014

I just asked a friend to try it from a different network and it works!

It seems like my PC cant access it because it is connected to the internal network

vishal vyas · ‎12-16-2014

Did you try to login with?

http://190.104.170.166:8181/

vishal vyas · ‎12-16-2014

if you are trying to access from inside network, you need to use

http://192.168.3.150/8181

Cisco Router 1921 NAT to internal Service