Pointer in the correct direction...

Discussion in 'Cisco' started by Taylor, Grant, Aug 31, 2006.

  1. Hi, would someone please give me a pointer in the correct direction?

    I would like to think that I'm a fairly experienced Linux IPTables user,
    but I am a novice when it comes to Cisco IOS and NATing. I have a Cisco
    Catalyst 5000 Route Switch Module (based on the 7000? router) that I would
    like to configure some more than basic NATing on. I have the router
    configured to do NATing between my private home LAN and the internet (DSL)
    connection. With my ISP's permission, I'm wanting to port forward port 119
    on my external IP to my ISP's news server for one specific IP on the net
    (my office). Before you start to say that I should just connect to the IP
    in question directly, I can not because it is firewalled from the world in
    general. Before you start to say that I should not try to circumvent the
    firewall, I *HAVE* spoken to my ISP and gotten permission (in writing) to
    do what I'm wanting to do for ONLY my controlled IP at the office.

    In Linux IPTables this would be as simple as the following two rules:

    (Presuming that the traffic is not filtered elsewhere.)

    iptables -t nat -A PREROUTING -i $WAN -s $WorkIP -d $WANIP -p TCP --dport 119 -j DNAT --to-destination $NewsServerIP
    iptables -t nat -A POSTROUTING -o $WAN -s $WorkIP -d $NewsServerIP -p TCP --dport 119 -j SNAT --to-source $WANIP

    So the question is, how would I do this type of thing with Cisco IOS's NAT
    stack. Is this possible? Below you will find the output of "show
    version", which I think should tell you what you need to know about the
    router in question. If there is something else that you need to know,
    please ask.

    What I would really love is for someone that knows Cisco IOS & NATing very
    well to point me in the direction of some good documentation and then be
    willing to answer a few questions after I do some more homework.

    tncrtr02-gw#show version
    Cisco Internetwork Operating System Software
    IOS (tm) C5RSM Software (C5RSM-IO3SV56I-M), Version 12.1(2), RELEASE
    SOFTWARE (fc1)
    Copyright (c) 1986-2000 by cisco Systems, Inc.
    Compiled Wed 10-May-00 19:19 by linda
    Image text-base: 0x60010908, data-base: 0x61100000

    ROM: System Bootstrap, Version 11.2(17523) [mohsen 102], INTERIM SOFTWARE
    BOOTFLASH: C5RSM Software (C5RSM-BOOT-M), Version 12.0(21a), RELEASE
    SOFTWARE (fc1)

    tncrtr02-gw uptime is 4 weeks, 1 day, 1 hour, 16 minutes
    System returned to ROM by reload
    System image file is "slot0:c5rsm-io3sv56i-mz.121-2.bin"

    cisco RSP2 (R4700) processor with 131072K/2072K bytes of memory.
    R4700 CPU at 100Mhz, Implementation 33, Rev 1.0
    Last reset from power-on
    G.703/E1 software, Version 1.0.
    G.703/JT2 software, Version 1.0.
    X.25 software, Version 3.0.0.
    Bridging software.
    1 C5IP controller (4 Vlan).
    3 Virtual Ethernet/IEEE 802.3 interface(s)
    1 Virtual Token Ring/IEEE 802 .5 interface(s)
    123K bytes of non-volatile configuration memory.

    20480K bytes of Flash PCMCIA card at slot 0 (Sector size 128K).
    8192K bytes of Flash internal SIMM (Sector size 256K).
    Configuration register is 0x10F



    Thank you, and have a nice day. :)

    Grant. . . .
     
    Taylor, Grant, Aug 31, 2006
    #1
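
The two rules in the post cover only the nat table and presume nothing else filters the traffic. The script below is an added example, not part of the original post: it emits those rules together with the filter-table rules they need, assuming a FORWARD chain whose policy is DROP and a news server reached back out through the WAN interface. The addresses are constructed RFC 5737 placeholders.

```sh
#!/bin/sh
# Added example. Addresses are constructed RFC 5737 placeholders, not values
# from the thread; override them through the environment.
WAN=${WAN:-eth0}
WorkIP=${WorkIP:-198.51.100.10}
WANIP=${WANIP:-203.0.113.5}
NewsServerIP=${NewsServerIP:-192.0.2.119}

# Accept only a single dotted-quad host address, so a typo or a CIDR such as
# 0.0.0.0/0 cannot silently widen the forward to every source.
is_ipv4() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# Print the rule set. FORWARD sees the packet after DNAT and before SNAT, so
# it matches WorkIP -> NewsServerIP; replies are un-NATed by conntrack.
# Sources other than WorkIP are never DNATed, reach INPUT, and are logged.
build_rules() {
    for ip in "$WorkIP" "$WANIP" "$NewsServerIP"; do
        is_ipv4 "$ip" || { echo "invalid address: $ip" >&2; return 1; }
    done
    cat <<EOF
iptables -t nat -A PREROUTING -i $WAN -s $WorkIP -d $WANIP -p tcp --dport 119 -j DNAT --to-destination $NewsServerIP
iptables -t nat -A POSTROUTING -o $WAN -s $WorkIP -d $NewsServerIP -p tcp --dport 119 -j SNAT --to-source $WANIP
iptables -A FORWARD -i $WAN -o $WAN -s $WorkIP -d $NewsServerIP -p tcp --dport 119 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i $WAN -o $WAN -s $NewsServerIP -d $WorkIP -p tcp --sport 119 -m conntrack --ctstate ESTABLISHED -j ACCEPT
iptables -A INPUT -i $WAN -d $WANIP -p tcp --dport 119 -j LOG --log-prefix "nntp-fwd-denied: "
EOF
}

# Dry run by default; "apply" (as root) executes the rules, stopping on error.
if [ "${1:-}" = apply ]; then
    rules=$(build_rules) && printf '%s\n' "$rules" | sh -e
else
    build_rules
fi
```

IP forwarding (net.ipv4.ip_forward=1) must also be enabled on the Linux router for the forwarded connection to pass.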

  2. Taylor, Grant

    Merv Guest

    Not sure if IOS 12.1 supports PAT port forwarding.

    You could try to see if the following commands are accepted


    ip nat inside source static tcp <inside IP address> 119 interface <interface facing ISP> 119

    or

    ip nat inside source static tcp <inside IP address> 119 <outside IP address> 119

    These commands would redirect all NNTP traffic, not sure how this is
    done for just one particular inbound source address.
     
    Merv, Aug 31, 2006
    #2