Solved: configure cisco router to map tcp port number to client ip address

markz3 · ‎01-21-2020

Hi, I have a cisco 2911 running ios version Version 15.0(1r)M12.

I am wondering if it's possible to map tcp port on the router to the ip address of client.

For example, if my router's ip is a.b.c.d and my client's ip address is 192.168.0.100, is it possible to ssh to the client using this command: 'ssh a.b.c.d 4000' where 4000 is used to inform router that ssh session is intended for 192.168.0.100

thank you in advance.

Muhammad Awais Khan · ‎01-22-2020

@markz3 I just realize I put ports at wrong side. Please refer to below :)

ip nat inside source static tcp 192.168.0.100 22 a.b.c.d 4000

if a.b.c.d belongs to Router interface then you can do below also:

ip nat inside source static tcp 192.168.0.100 22 interface gi0/0 4000

View solution in original post

Muhammad Awais Khan · ‎01-22-2020

@markz3 That's gr8!! Happy to hear that :)

Please mark solution as accepted and helpful if it helped you out :)

View solution in original post

Muhammad Awais Khan · ‎01-21-2020

Hi,

Yes, it is possible. The command will look like:

ip nat inside source static tcp 192.168.0.100 4000 a.b.c.d 22

if a.b.c.d belongs to Router interface then you can do below also:

ip nat inside source static tcp 192.168.0.100 4000 interface gi0/0 22

in addition to above, you have to define ip nat outside on Router ISP facing interface and IP nat inside on Router LAN facing interface.

balaji.bandi · ‎01-21-2020

is this source coming from external or from the same LAN network?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Georg Pauwen · ‎01-22-2020

Hello,

on a side note, if your router supports port mapping, you could try the below:

ip port-map ssh port tcp 4000

and then add use the static NAT entry as suggested by

ip nat inside source static tcp 192.168.0.100 4000 a.b.c.d 4000

In theory, that would allow you to connect to port 4000 and then get redirected to port 4000 on the client.

Have a look at the link below:

https://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca7c8.html#wp1001176

Muhammad Awais Khan · ‎01-22-2020

@markz3 I just realize I put ports at wrong side. Please refer to below :)

ip nat inside source static tcp 192.168.0.100 22 a.b.c.d 4000

if a.b.c.d belongs to Router interface then you can do below also:

ip nat inside source static tcp 192.168.0.100 22 interface gi0/0 4000

markz3 · ‎01-22-2020

hi muhammad. thank you so much. at first your solution did not work because my ssh syntax was incorrect. but once i use the correct syntax 'ssh -p 4000 a.b.c.d', your solution works.

thank you again!

Muhammad Awais Khan · ‎01-22-2020

@markz3 That's gr8!! Happy to hear that :)

Please mark solution as accepted and helpful if it helped you out :)

markz3 · ‎01-22-2020

Thank you everyone for all your suggestions....