Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
8634
Views
5
Helpful
9
Replies

How to enable port forwarding to get some TCP services

Raheel qaiser
Level 1
Level 1

‎01-09-2016 03:45 AM - edited ‎03-08-2019 03:21 AM

As Attachment snap showing the scenario, i need a suggestion to get (http/https/pop3/smtp) access for the network(192.168.0.9)  through the internet server(192.168.0.123) placed on the other side of my router(LDC_Sharaf Router).

Basic routing is enabled for network convergence between both routers and both inside local hosts can access each others.

Please suggest a solution.

Labels:
Preview file
38 KB
0 Helpful
9 Replies 9

julijime
Cisco Employee
Cisco Employee

‎01-09-2016 05:42 AM

Hi Raheel,

The following link has a good explanation and example on how to configure this using NAT:

http://www.cisco.com/c/en/us/support/docs/long-reach-ethernet-lre-digital-subscriber-line-xdsl/asymmetric-digital-subscriber-line-adsl/12905-827spat.html

HTH,

Julio

0 Helpful

Masoud Pourshabanian
VIP Alumni
VIP Alumni

‎01-09-2016 08:28 AM

Hello,

ip nat inside source static tcp 192.168.0.123 80 192.168.200.1  80  (for http)

ip nat inside source static tcp 192.168.0.123 443 192.168.200.1  443  (for https)

ip nat inside source static tcp 192.168.0.123 25 192.168.200.1  25  (for smtp)

and so on

Router LCD-sharaf

interface x.x

description toward server

ip address 192.168.0.2 255.x.x.x

ip nat inside

interface x.x

description toward RB-router

ip address 192.168.200.1 255.x.x.x

ip nat outside

I supposed you have access on router LCD. If you use 192.168.200.1 as your address to access http and smtp and ..., LCD router will translate it to the real sever IP address.

Let me know I did not understand your question correctly.

Masoud

Raheel qaiser
Level 1
Level 1
In response to Masoud Pourshabanian

‎01-10-2016 04:38 AM

Hello Masoud,

highly thankful for your quick guidance, You already got my point and your congs will help me..

Yes infect i have 2 sites connected through wireless link(Intranet. Need of 2nd router was stop broadcasting generated due to heavy traffic at site RB-Router.

Just i was failed to get access to the internet Server123 through router.

But let me ask one more thing please.. will my RB-router be able to forward http/https/ services request to forward :LDC-Router. or i also need to configure NAT in RB-Router to get/receive the required requests from its clients?

0 Helpful

Raheel qaiser
Level 1
Level 1
In response to Raheel qaiser

‎01-10-2016 05:19 AM

Hello Masoud,

Highly thankful for your quick guidance, You already got my point and your configs will help me..

Yes infect i have 2 sites connected through wireless link(Intranet).Need of 2nd router was to stop broadcasting generated due to heavy traffic at site RB-Router.Just i was failed to get access to the internet Server123 through router .

But let me ask one more thing please.. will my RB-router be able to forward http/https/ services request to forward :LDC-Router. or i also need to configure NAT in RB-Router to get/receive the required requests from its clients?

0 Helpful

Masoud Pourshabanian
VIP Alumni
VIP Alumni
In response to Raheel qaiser

‎01-10-2016 06:14 AM

Hello,

I am just unclear about something. If routing is enable and hosts can reach each other, why would you need port forwarding and NAT? If routing is enable, both routers can forward any packets with any ports(except some traffic such as multicast or broadcast ).

Can you ping your server from your client?

Let me know If I misunderstood something.

Masoud

0 Helpful

Raheel qaiser
Level 1
Level 1
In response to Masoud Pourshabanian

‎01-10-2016 03:16 PM

Right... infect i am using Transparent proxy server but in this scenario i have to configure proxy settings on clients(192.168.9.0) which only works for http and no https or smtp.

0 Helpful

Masoud Pourshabanian
VIP Alumni
VIP Alumni
In response to Raheel qaiser

‎01-10-2016 05:01 PM

Your mail client will handle that. you need to configure your mail client with the address of your mail server. Just make sure your clients can ping your server(192.168.0.123),


Masoud

0 Helpful

Raheel qaiser
Level 1
Level 1
In response to Masoud Pourshabanian

‎01-12-2016 11:16 PM

Actually Here the issue is;  192.168.0.123 is only an Internet server and Email server will be accessed through internet... RB-Router clients will first get internet access through internet server123 then its client will be able to communicate with Email server.

0 Helpful

Masoud Pourshabanian
VIP Alumni
VIP Alumni
In response to Raheel qaiser

‎01-10-2016 07:37 PM

Please check my previous commend before reading this one. My previous comment may solve your problem without using NAT. I am also giving you the configuration on RB router if you decide to implement NAT.

ip nat inside source static tcp 192.168.0.123 80 192.168.9.2 80  (for http)

ip nat inside source static tcp 192.168.0.123 443 192.168.9.2 443  (for https)

ip nat inside source static tcp 192.168.0.123 25 192.168.9.2 25  (for smtp)

and so on

Router RB

interface x.x

description toward server

ip address 192.168.200.2 255.x.x.x

ip nat inside

interface x.x

description toward clients

ip address 192.168.9.1 255.x.x.x

ip nat outside

192.168.9.2 will be your server IP address after NAT. You may want to change it if you have used it in your network. It can be any IP in the range of your interface address based on your topology.

Hope it helps,

Masoud

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card