Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
658
Views
0
Helpful
6
Replies

Configuring a router to use NAT

revcoyote
Level 1
Level 1

‎04-28-2023 03:22 PM

I am configuring my router to use NAT my ISP provides me with a DHCP address. I am also needing outside users to access to some servers on my network. This is what I have so far. Am I missing. Any recommendations would also be appreciated. I am learning that as I go along.

Labels:
Preview file
1 KB
0 Helpful
6 Replies 6

MHM Cisco World
VIP
VIP

‎04-28-2023 03:27 PM - edited ‎04-29-2023 03:22 PM 

ip nat inside list 101 interface gi0/1

Only correct interface number 

Note :- some sw add by default overload keyword

0 Helpful

ammahend
VIP
VIP

‎04-28-2023 03:55 PM - edited ‎04-28-2023 03:55 PM

to access inside device using outside IP, you will need additional command for e.g.

ip nat inside source static tcp 10.1.1.1 23 5.5.5.1 23

here 10.1.1.1 is your internal server which you want to access from outside on port 23, 5.5.5.1 is your public IP facing internet, for stability it would be better to have this IP static rather than DHCP.

 

-hope this helps-
0 Helpful

Flavio Miranda
VIP
VIP

‎04-28-2023 07:42 PM

Hello,

 If your ISP is providing you DHCP, probably they are doing NAT for you on their end. For exit traffic, you just need to create a static route from your router pointing to the ISP gateway.

 Now, NAT from outside to inside does not make sense as you are using DHCP.  How can you possibly know which IP address to call?

 Does your ISP assign to you a public or private IP address? If public, there´s some hope but if private, you will not reach it from the internet. And you can not put NAT on ISP device either.

0 Helpful

revcoyote
Level 1
Level 1
In response to Flavio Miranda

‎04-29-2023 02:13 PM

NAT is being done by my router. All residential routers can do this. The ISP assigns me a public address from their DHCP pool. IP address call is managed by the router software. Any change in the public address is handled through Dynamic DNS (DDNS) hosted by a friend of my wife. What is frustrating is I know other people have successful done this and made a commercial router into a home router.  

0 Helpful

Flavio Miranda
VIP
VIP
In response to revcoyote

‎04-29-2023 03:43 PM

As I said, if you receive a public IP address from ISP, there is some hope. 

 What you need to do is on this link

https://www.networkstraining.com/cisco-router-port-forwarding-configuration/ 

 

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to Flavio Miranda

‎05-01-2023 12:45 AM

There are 2 parts to the issue that you describe. One is nat for devices in your network to access the Internet. The other is for devices in Internet to access servers in your network.

The nat config in the original post would accomplish the first part if some issues are addressed:

- most important the nat statement points to g0/0 and should point to g0/1.

- almost as important the acl permits a single host address. It should permit the subnet.

- the config uses an extended acl with permit any for destination. There is no need for an extended acl here and I have seen situations where it causes issues. I suggest changing it to a standard acl permitting the inside network.

The second part is more of a challenge. For Internet hosts to access servers in your network the more typical solution is to have additional Public IP assigned to you from ISP and to do static nat with those addresses. If you do not have additional Public IP then it might be possible to do some port forwarding to forward particular protocol ports to specified addresses inside. 

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card