okamon
asked on
cisco 2811 port fowarding question
we just got cisco 2811 router. there are four connections for DSL and one for internal lan which you can see in the screenshot. The router was pre-configured when we got it. But now I needed to add some more port forwarding myself. I simply run
Example for port 3389:
ip nat inside source static tcp 10.0.0.139 3389 interface dialer1 3355
Well it added the entry without error and the remote desktop worked. But why it looks so different than the pre-configured one? (the black line I marked is my public IP, those are pre-configured)
I could do it with the cisco cp but for some reason it didn't let me to add new entry. Did I do anything wrong with command line? what is the difference?
Example for port 3389:
ip nat inside source static tcp 10.0.0.139 3389 interface dialer1 3355
Well it added the entry without error and the remote desktop worked. But why it looks so different than the pre-configured one? (the black line I marked is my public IP, those are pre-configured)
I could do it with the cisco cp but for some reason it didn't let me to add new entry. Did I do anything wrong with command line? what is the difference?
ASKER
thanks! we have static ip. so you mean I can run:
ip nat inside source static tcp 10.0.0.139 3389 ip 10.222.333.444 3355
ip nat inside source static tcp 10.0.0.139 3389 ip 10.222.333.444 3355
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
thanks. but I don't get you on this
>> This will translate any traffic from 10.0.0.139 entering the router on port 3389, translate it to 10.222.333.444 and send it out on port 3355.
I am doing this for user on Internet to rdp with port 3355 to the internal lan pc 10.0.0.139:3389. I think this command will translate 10.222.333.444:3355 to 10.0.0.139:3389
>> This will translate any traffic from 10.0.0.139 entering the router on port 3389, translate it to 10.222.333.444 and send it out on port 3355.
I am doing this for user on Internet to rdp with port 3355 to the internal lan pc 10.0.0.139:3389. I think this command will translate 10.222.333.444:3355 to 10.0.0.139:3389
Sorry I perhaps didnt explane that very well. It does translate all traffic from 10.0.0.139 port 3389 to 10.222.333.444 port 3355. This will also apply to incoming traffic so traffic entering on port 3355 from 10.222.333.444 will be translated to 10.0.0.139 port 3389. Just keep in mind that the traffic from 10.222.333.444 must be sourced on port 3355 or this translation will not work. Normally PCs will source from a random port so in most situations, without extra config on the external PC, this translation would not work.
Are you using static or dynamic IP? If you are using static IP's then you could for the sake of testing, add a statement with the IP address specified and then you will see the difference. If you are not using a static IP then you must NAT to the interface as the address will keep changing.