1720 Config Help. NAT and Port Forwarding...

Discussion in 'Cisco' started by ComputerMan, Apr 27, 2004.

  1. ComputerMan

    ComputerMan Guest


    I need to configure this 1720 router to allow inbound TCP connections on
    port 407 and directed to This is a Timbuktu VPN pipe.

    Here is the simple config currently. Just running NAT.

    Thanks for the help.



    version 12.1

    service timestamps debug uptime

    service timestamps log uptime

    service password-encryption


    hostname gatewayrt


    no logging console

    enable secret 5 $1$EYzP$Fg5WeKMquS9QkZAT/hAPQ2



    memory-size iomem 25

    ip subnet-zero


    ip audit notify log

    ip audit po max-events 100



    interface Serial0

    ip address

    ip nat outside

    encapsulation frame-relay IETF

    no ip route-cache

    frame-relay interface-dlci 500

    frame-relay lmi-type ansi


    interface FastEthernet0

    ip address

    ip nat inside

    speed auto



    ip nat pool graphic netmask

    ip nat inside source list 1 pool graphic overload

    ip classless

    ip route

    no ip http server


    access-list 1 permit any


    line con 0

    transport input none

    line aux 0

    line vty 0 4

    password 7 11032C114142056D57



    no scheduler allocate

    ComputerMan, Apr 27, 2004
    1. Advertisements

  2. ComputerMan

    Ben Guest

    This configuration won't work for port forwarding.
    You need to use static nat translation so the destination ports are
    statically mapped (the same inside and outside) not arbritarily allocated.

    ip nat inside source static tcp 407 interface serial 0 407
    Ben, Apr 28, 2004
    1. Advertisements

  3. ComputerMan

    ComputerMan Guest

    So can I use a command like this in addition to the config I have now or do
    I need to rework all the NAT and then use a command like you illustrated?

    I guess what I am saying is where do I go from here if I have the config
    listed below?


    ComputerMan, Apr 28, 2004
  4. ComputerMan

    Ben Guest

    No, overloading works fine in combination with the command I gave you.
    IOS will process the port forwarding nat rules first, so anything that
    doesn't fall into the category will be part of the overloading.
    Ben, Apr 29, 2004
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.