Port forwarding on Cisco 837

Discussion in 'Cisco' started by Danny Horne, Nov 20, 2004.

  1. Danny Horne

    Danny Horne Guest

    Hi all,

    I'm trying to configure port forwarding on a Cisco 837 router from
    varying external IP's to IP's on 192.168.46.0/24

    I've googled this group for answers to my question & have come to the
    conclusion that all I need (for example) is -
    ip nat inside source static tcp <internal IP> 21 <external IP> 21
    extendable

    But would this actually open up the required ports on the external
    interface or is something like -
    access-list 101 permit tcp any host <external IP> eq 21
    and on the external interface -
    ip access-group 101 in
    required?

    Thanks for all replies
    Danny Horne, Nov 20, 2004
    #1
    1. Advertising

  2. Danny Horne

    PES Guest

    Danny Horne wrote:
    > Hi all,
    >
    > I'm trying to configure port forwarding on a Cisco 837 router from
    > varying external IP's to IP's on 192.168.46.0/24
    >
    > I've googled this group for answers to my question & have come to the
    > conclusion that all I need (for example) is -
    > ip nat inside source static tcp <internal IP> 21 <external IP> 21
    > extendable


    This is correct for the nat translation creation and is always required
    if you are doing PAT.

    > But would this actually open up the required ports on the external
    > interface or is something like -
    > access-list 101 permit tcp any host <external IP> eq 21
    > and on the external interface -
    > ip access-group 101 in
    > required?


    If there is no access-list (you should find an ip access-group command
    on the interface), all traffic is permitted. If there is an access list
    applied, the access-list must be modified as you indicated above. Your
    syntax is correct. However, make sure that you understand that the ACL
    is processed from the top down and has an implicit deny any any at the
    bottom (regardless of its exitstence in the config).


    --
    -------------------------
    Paul Stewart
    Lexnet Inc.
    Email address is in ROT13
    PES, Nov 20, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Suppa Lamah
    Replies:
    8
    Views:
    1,618
  2. Doc Oakenfold

    Port forwarding with Cisco 837

    Doc Oakenfold, Jan 4, 2005, in forum: Cisco
    Replies:
    4
    Views:
    2,382
    Doc Oakenfold
    Jan 28, 2005
  3. Weili
    Replies:
    2
    Views:
    7,318
    Weili
    Mar 1, 2005
  4. Replies:
    4
    Views:
    4,147
  5. uanmi
    Replies:
    0
    Views:
    856
    uanmi
    May 18, 2007
Loading...

Share This Page