Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1323
Views
0
Helpful
5
Replies

NAT with port range

Go to solution
asgerhartmann
Level 1
Level 1

‎04-07-2011 11:57 PM - edited ‎03-06-2019 04:30 PM

Having a 1841 with two interfaces. I need to set up NAT with a range of ports. I already have inside interface and outside interface configured plus i have various static NAT entries with syntax e.g.:

ip nat inside source static 192.168.200.10 4443 87.120.250.47 4443 ext

This works fine and i have 10 static entries in the router by now. Now my newest challenge is to open a port range 50000 to 59999.

Using CLI or Cisco CP i cannot do anything else then mapping one inside port to one outside port.

Do i really have to type in 10000 lines of config? Or is there a way around this?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Latchum Naidu
VIP Alumni
VIP Alumni
In response to IAN WHITMORE

‎04-08-2011 01:18 AM

Hi,

The best way I would suggest is creat a nat statement with assigning route-map to it like below.

ip nat inside source static 192.168.200.10 87.120.250.47 route-map NAT extendable

access-list 109 permit tcp host 192.168.200.10 range 50000 59999 any

route-map NAT permit 10
match ip address 109


Hope the above will help you.

Please rate the helpfull posts.
Regards,
Naidu.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
IAN WHITMORE
Level 4
Level 4

‎04-08-2011 12:36 AM

Well, I think the best way is to do a static nat for the IP in question (i.e. all 65535 ports) and then allow the port range in an access-list.

0 Helpful

Go to solution
Latchum Naidu
VIP Alumni
VIP Alumni
In response to IAN WHITMORE

‎04-08-2011 01:18 AM

Hi,

The best way I would suggest is creat a nat statement with assigning route-map to it like below.

ip nat inside source static 192.168.200.10 87.120.250.47 route-map NAT extendable

access-list 109 permit tcp host 192.168.200.10 range 50000 59999 any

route-map NAT permit 10
match ip address 109


Hope the above will help you.

Please rate the helpfull posts.
Regards,
Naidu.

0 Helpful

Go to solution
asgerhartmann
Level 1
Level 1
In response to Latchum Naidu

‎04-08-2011 03:59 AM

Ok. Thanks for the answers. I will give both above a try and see whats best way forwa

rd.

0 Helpful

Go to solution
asgerhartmann
Level 1
Level 1
In response to asgerhartmann

‎04-14-2011 02:47 AM

Well, thanks for the replies. I havent yet deployed this - but will do soon.

Question is now...how do i mark this discussion as "answered"?

BR

Asger

0 Helpful

Go to solution
Latchum Naidu
VIP Alumni
VIP Alumni
In response to asgerhartmann

‎04-14-2011 03:01 AM

Hi Asger,

You just need to click on the correct answer box which will be there below to this post.

Regards,

Naidu.

0 Helpful
Customers Also Viewed These Support Documents