How to configure port forwarding for a Cisco 2600 series router?

Discussion in 'Cisco' started by CompGuy, May 10, 2004.

  1. CompGuy

    CompGuy Guest

    Hello....

    My office has a lease line connection to the internet... using a Cisco 2600
    series router..

    I m planning to set up an email server or a web server, but I don't know how
    to configure the router's port forwarding to server IP address.

    I did some telnet but i don't know how to use and understand most of the
    command given. I have tried searching the web for some guides but to no
    avail.

    I sincerely hope someone can guide me or at least points me to a source that
    can help me.


    Thank you...
    Marvin
    CompGuy, May 10, 2004
    #1
    1. Advertising

  2. Hello Marvin,

    Sounds like you will be using NAT to source inside IP addresses. If
    that is the case, you can use extendable NAT to tcp/udp port forward.
    E.g.,

    ip nat inside source static tcp 192.168.1.200 22 209.247.228.201 22
    extendable

    forwards SSH (tcp port 22) traffic to the inside address 192.168.1.200
    from the outside address 209.247.228.201.


    You can also forward all ports with NAT using overload with static
    assignments per outside address, e.g.

    ip nat inside source static 192.168.0.3 209.247.228.202

    forwards all traffic to the inside address 192.168.0.3 from the
    outside address 209.247.228.202.

    Did that help?

    --Jerome
    jerome benton, May 11, 2004
    #2
    1. Advertising

  3. CompGuy

    CompGuy Guest

    Thank you very much Jerome for offering to help. However I am quite quite
    confuse as to which IP you are refering to. The following describe a bit on
    the connection of the 2600 router. The serial0/0 connects to an NTU and
    BRI1/0 and BRI1/1 connect to 2 ISDN modem. FastEthernet0/0 connects to the
    LAN hub (3COM SuperStack 3). The ip number on the FastEthernet0/0
    (10.170.116.254) is the gateway number that we configured on every LAN
    computer. The local computer that I intend to use as a server is
    10.170.116.11. After checking with WhatIsMyIP.com, this node's WAN ip
    address is 202.188.63.215.

    The following is part of what i get from "show configuration". Just
    wondering - does the command like "ip nat inside" or "ip nat inside source
    static tcp 10.170.116.11 80 10.170.116.254 80" shows on the configuration
    too after being type? But it shows in "show running-config"... whats the
    difference?

    I don't really know how to go further. Which is inside and which is outside
    is getting me confuse.

    ==================================
    Using 2183 out of 29688 bytes
    !
    version 12.2
    ip subnet-zero
    !
    no ip domain-lookup
    !
    isdn switch-type basic-net3
    !
    interface FastEthernet0/0
    ip address 10.170.116.254 255.255.255.0
    duplex auto
    speed auto
    !
    interface Serial0/0
    description connection to frame relay
    no ip address
    encapsulation frame-relay IETF
    no fair-queue
    frame-relay lmi-type ansi
    !
    interface Serial0/0.1 point-to-point
    description connection to MPLS Cisco BRFP2
    ip address 202.178.118.117 255.255.255.252
    frame-relay interface-dlci 80
    !
    interface Serial0/1
    no ip address
    shutdown
    !
    router ospf 3026
    log-adjacency-changes
    network 10.170.116.254 0.0.0.0 area 0
    network 202.178.118.116 0.0.0.3 area 0
    network 202.178.118.122 0.0.0.0 area 0
    !
    ip classless
    ip route 0.0.0.0 0.0.0.0 202.178.118.121 200
    ip route 202.178.118.121 255.255.255.255 Dialer1
    ip http server
    ip pim bidir-enable
    !
    !
    access-list 101 deny ospf any any
    access-list 101 permit ip any any
    dialer-list 1 protocol ip list 101
    snmp-server community public RO
    !
    line con 0
    exec-timeout 0 0
    line aux 0
    line vty 0 4
    line aux 0
    line vty 0 4
    CompGuy, May 12, 2004
    #3
  4. Hey Marvin,

    Can you paste the results of "show ip route", "show ip cef", and "show
    mpls interfaces"?

    --Jerome
    jerome benton, May 19, 2004
    #4
  5. CompGuy

    plexter

    Joined:
    Nov 3, 2006
    Messages:
    4
    Hello,

    Not to bust in someone elses post here (sorry for doing that) but I figured rather than start a new topic I would add my question here. If you would prefer I create a new one just let me know.

    I am running a Cisco 2600 NAT/FW router with various internal servers connected to the network including an FTP server.

    So I get how to do the static NAT port forwarding but how do you port forword a range of ports such as those required for FTP PASV connections?
    Example: ports 10000-20000

    I dont really want to type 10000 static nat entries :p

    Anyone have any input?

    Thanks
    plexter, Nov 3, 2006
    #5
  6. CompGuy

    plexter

    Joined:
    Nov 3, 2006
    Messages:
    4
    To reply which is inside and which is outside:

    [Your internal network/servers] --> [ROUTER] --> {Internet}

    The side that has your networking (private addressing usually) will be your inside network and the outside is your public IP or outgoing interface.

    hope that helps.
    Last edited: Nov 3, 2006
    plexter, Nov 3, 2006
    #6
  7. CompGuy

    globalchicken

    Joined:
    Oct 29, 2006
    Messages:
    37
    Location:
    Sacramento
    globalchicken, Nov 9, 2006
    #7
  8. CompGuy

    plexter

    Joined:
    Nov 3, 2006
    Messages:
    4
    Hello,

    Thanks for replying.

    I'll take a look at that link.

    Haha I didnt even look at the date, your right they are old. oh well.

    I had actually found a way probably simular to what you said using extened ACL's.

    Thanks though :)
    plexter, Nov 12, 2006
    #8
  9. CompGuy

    globalchicken

    Joined:
    Oct 29, 2006
    Messages:
    37
    Location:
    Sacramento
    what did you find out? I am interestested in learning new tricks>>>>
    globalchicken, Nov 12, 2006
    #9
  10. CompGuy

    plexter

    Joined:
    Nov 3, 2006
    Messages:
    4
    Well like I said its probably simular to how you have done it.

    Something like this:

    ip nat pool ft a.b.c.d a.b.c.d netmask 255.255.255.0 type rotary
    ip nat inside destination list 110 pool ftp
    access-list 110 permit tcp any any range 1023 9999

    If your way is different please let me know,
    Thanks
    plexter, Nov 12, 2006
    #10
  11. CompGuy

    globalchicken

    Joined:
    Oct 29, 2006
    Messages:
    37
    Location:
    Sacramento
    ya thats the way that i do it as well
    globalchicken, Nov 12, 2006
    #11
  12. CompGuy

    jhonny

    Joined:
    Sep 28, 2011
    Messages:
    1
    help me

    hi ,

    I have a problem, could help me please.

    I have a router 2960 series with a switch. I need to open a UDP port on my router and redirect a local ip to the ip public.
    jhonny, Sep 28, 2011
    #12
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Jon Jonsson

    Cisco 800 series port forwarding

    Jon Jonsson, Nov 12, 2003, in forum: Cisco
    Replies:
    4
    Views:
    14,088
    JShepherd
    Nov 14, 2003
  2. recvfrom
    Replies:
    3
    Views:
    5,332
    Darren Green
    Jul 21, 2006
  3. Stuart
    Replies:
    1
    Views:
    766
  4. Giuen
    Replies:
    0
    Views:
    732
    Giuen
    Sep 12, 2008
  5. Greg
    Replies:
    0
    Views:
    3,640
Loading...

Share This Page