Velocity Reviews

Velocity Reviews (http://www.velocityreviews.com/forums/index.php)
-   Cisco (http://www.velocityreviews.com/forums/f27-cisco.html)
-   -   IOS NAT (http://www.velocityreviews.com/forums/t678035-ios-nat.html)

Todd Bennett 03-31-2009 06:12 PM
IOS NAT
 
I need to NAT a range of ports from a public IP to a private IP. I
typically use the form:

ip nat inside source static tcp i1.i2.i3.i4 22 p1.p2.p3.p4 22 extendable


I could make quite a few of these statements and have it work, but I want to
specify a range of ports. Does anyone know the syntax to do this?

_________________________________
Todd Bennett
BennTech

bod43 04-01-2009 01:23 AM
Re: IOS NAT
 
On 31 Mar, 19:12, "Todd Bennett" <tabennett(nospam)@benntech.net>
wrote:
> I need to NAT a range of ports from a public IP to a private IP. *I
> typically use the form:
>
> ip nat inside source static tcp i1.i2.i3.i4 22 p1.p2.p3.p4 22 extendable
>
> I could make quite a few of these statements and have it work, but I want to
> specify a range of ports. *Does anyone know the syntax to do this?

I have not needed to do this and have not researched it
however I don't believe that this is available.

If your lists are complex perhaps you might manage them
in Excel and copy paste into the router.

Such a facility is available for address ranges but not
as far as I know for port ranges.

Todd Bennett 04-02-2009 03:19 PM
Re: IOS NAT
 
Thank you for your reply. I may have gotten a solution from another source.
I'm not yet sure if this will work until I test it.

To permit a range through the firewall:
access-list 120 permit <tcp/udp> any any range 10000 20000
int <outside interface>
ip access-group 120 in

To NAT the range of ports:
ip nat inside source static 1.1.1.1 2.2.2.2 route-map NAME extendable
access-list 130 permit tcp any any range 10000 20000
route-map NAME permit 10
match ip address 130

_________________________________
Todd Bennett
BennTech

"bod43" <Bod43@hotmail.co.uk> wrote in message
news:c8b45c2b-bcb1-4439-8c38-fe3bd4a7d234@v38g2000yqb.googlegroups.com...
On 31 Mar, 19:12, "Todd Bennett" <tabennett(nospam)@benntech.net>
wrote:
> I need to NAT a range of ports from a public IP to a private IP. I
> typically use the form:
>
> ip nat inside source static tcp i1.i2.i3.i4 22 p1.p2.p3.p4 22 extendable
>
> I could make quite a few of these statements and have it work, but I want
> to
> specify a range of ports. Does anyone know the syntax to do this?

I have not needed to do this and have not researched it
however I don't believe that this is available.

If your lists are complex perhaps you might manage them
in Excel and copy paste into the router.

Such a facility is available for address ranges but not
as far as I know for port ranges.


All times are GMT. The time now is 12:00 PM.

Powered by vBulletin®. Copyright ©2000 - 2013, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.