Cisco Router using NAT forward all ports

Discussion in 'Cisco' started by John Jacob, Aug 3, 2004.

  1. John Jacob

    John Jacob Guest

    This may sound like a dumb question, but I don't know how to do this
    and need to in order to get my network set up.

    I have a Cisco 1721 router with 2 interfaces. I also have a Cisco PIX
    Firewall and a OPENBSD Firewall. My ISP gave me a static IP address,
    but it is NAT'd, not routed, meaning I have a private IP address at my
    router. I'm trying to get a second IP address and they will give it to
    me, but again a NAT'd private IP address.

    What I'm wanting to do is set up my 1721 router using NAT and pass all
    incoming traffic on the outside interface for the first IP address my
    ISP gave me to my Cisco Firewall. Then I want to set up the second IP
    address using NAT to pass all incoming traffic to the OPENBSD
    firewall. I also have two additional firewalls that I want to be able
    to put in parallel with my two that have static IP addresses, but not
    pass inbound traffic to them from the Internet. I've done lots of NAT
    and know how to do "ip nat inside source static tcp" for individual
    ports. I've never tried to just pass all incoming traffic for a
    particular outside address to an inside box / firewall and I'm not
    sure of the syntax I need to use to get that accomplished. My ISP is
    doing that already for my private IP address, so I know it can be
    done.

    Anybody have some tips for me as to how I can do this. If you're going
    to make some stupid comment like read the book, please don't. I've
    been looking into this for months already and have not been able to
    find out how to do it in books, etc.

    Thanks,

    John Jacob
    John Jacob, Aug 3, 2004
    #1
    1. Advertising

  2. John Jacob

    PES Guest

    "John Jacob" <> wrote in message
    news:...
    > This may sound like a dumb question, but I don't know how to do this
    > and need to in order to get my network set up.
    >
    > I have a Cisco 1721 router with 2 interfaces. I also have a Cisco PIX
    > Firewall and a OPENBSD Firewall. My ISP gave me a static IP address,
    > but it is NAT'd, not routed, meaning I have a private IP address at my
    > router. I'm trying to get a second IP address and they will give it to
    > me, but again a NAT'd private IP address.
    >
    > What I'm wanting to do is set up my 1721 router using NAT and pass all
    > incoming traffic on the outside interface for the first IP address my
    > ISP gave me to my Cisco Firewall. Then I want to set up the second IP
    > address using NAT to pass all incoming traffic to the OPENBSD
    > firewall. I also have two additional firewalls that I want to be able
    > to put in parallel with my two that have static IP addresses, but not
    > pass inbound traffic to them from the Internet. I've done lots of NAT
    > and know how to do "ip nat inside source static tcp" for individual
    > ports. I've never tried to just pass all incoming traffic for a
    > particular outside address to an inside box / firewall and I'm not
    > sure of the syntax I need to use to get that accomplished. My ISP is
    > doing that already for my private IP address, so I know it can be
    > done.
    >
    > Anybody have some tips for me as to how I can do this. If you're going
    > to make some stupid comment like read the book, please don't. I've
    > been looking into this for months already and have not been able to
    > find out how to do it in books, etc.
    >
    > Thanks,
    >
    > John Jacob


    Just to answer you question and not get too deep into design, you can use
    the "ip nat inside source static tcp" without the "tcp". Also, drop the
    port. For example ip nat inside source static <ipaddr> <ipaddr>.
    PES, Aug 3, 2004
    #2
    1. Advertising

  3. John Jacob

    John Jacob Guest

    "PES" <NO*SPAMpestewartREMOVE**SUCKS> wrote in message news:<410f5f5e$>...
    > "John Jacob" <> wrote in message
    > news:...
    > > This may sound like a dumb question, but I don't know how to do this
    > > and need to in order to get my network set up.
    > >
    > > I have a Cisco 1721 router with 2 interfaces. I also have a Cisco PIX
    > > Firewall and a OPENBSD Firewall. My ISP gave me a static IP address,
    > > but it is NAT'd, not routed, meaning I have a private IP address at my
    > > router. I'm trying to get a second IP address and they will give it to
    > > me, but again a NAT'd private IP address.
    > >
    > > What I'm wanting to do is set up my 1721 router using NAT and pass all
    > > incoming traffic on the outside interface for the first IP address my
    > > ISP gave me to my Cisco Firewall. Then I want to set up the second IP
    > > address using NAT to pass all incoming traffic to the OPENBSD
    > > firewall. I also have two additional firewalls that I want to be able
    > > to put in parallel with my two that have static IP addresses, but not
    > > pass inbound traffic to them from the Internet. I've done lots of NAT
    > > and know how to do "ip nat inside source static tcp" for individual
    > > ports. I've never tried to just pass all incoming traffic for a
    > > particular outside address to an inside box / firewall and I'm not
    > > sure of the syntax I need to use to get that accomplished. My ISP is
    > > doing that already for my private IP address, so I know it can be
    > > done.
    > >
    > > Anybody have some tips for me as to how I can do this. If you're going
    > > to make some stupid comment like read the book, please don't. I've
    > > been looking into this for months already and have not been able to
    > > find out how to do it in books, etc.
    > >
    > > Thanks,
    > >
    > > John Jacob

    >
    > Just to answer you question and not get too deep into design, you can use
    > the "ip nat inside source static tcp" without the "tcp". Also, drop the
    > port. For example ip nat inside source static <ipaddr> <ipaddr>.


    PES,

    Thanks for the info. I did some additional searches last night and
    happened to run across that same answer from someone else. Glad to see
    it verified. I'll give that a try.

    John
    John Jacob, Aug 3, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?Y29tZWR5XzE3?=

    How to forward ports...

    =?Utf-8?B?Y29tZWR5XzE3?=, Jul 31, 2004, in forum: Wireless Networking
    Replies:
    1
    Views:
    1,288
  2. Kimball K Kinnison

    Forward Ports in XP

    Kimball K Kinnison, Sep 17, 2003, in forum: Computer Support
    Replies:
    2
    Views:
    479
    Kimball K Kinnison
    Sep 18, 2003
  3. Phil
    Replies:
    1
    Views:
    475
    done automatically
    Jan 6, 2006
  4. Wayne Rasmussen
    Replies:
    2
    Views:
    466
    Wayne Rasmussen
    Feb 23, 2007
  5. Forward Ports

    , Feb 5, 2008, in forum: Wireless Networking
    Replies:
    1
    Views:
    605
    Jack \(MVP-Networking\).
    Feb 5, 2008
Loading...

Share This Page