Solved

Static NAT on Cisco 2600 from outside host to internal host

Posted on 2007-03-28
2
426 Views
Last Modified: 2008-02-01
Cisco 2600 router.What is the command to allow a host on the Internet to be able to RDP to an internal server?  The Cisco 2600 needs a nat statement on it, I know.  The external ip on the 2600 is: EXTERNAL_IP.  The internal ip address of the server is INTERNAL_IP.

Would the command be:
in nat inside source static tcp EXTERNAL_IP 3389 INTERNAL_IP 3389  ??

the fact that I am trying to translate an external destination address to an internal destination address makes me wonder about the term 'inside' being used in the statement, vs. using outside.

Thanks
0
Comment
Question by:cliffordgormley
2 Comments
 
LVL 11

Accepted Solution

by:
billwharton earned 500 total points
ID: 18812518
Nopes, it'll only be:
ip nat inside source static internal_ip external_ip

The syntax usually is:
ip nat inside souce static inside_local inside_global

inside_local refers to a local area network address on the inside of your router
inside_global refers to a globally addressable address on the outside of your router (this address should be reachable by Internet hosts)

Here's a very good document explaining you in-depth what the definitions mean. It may be confusing at first but you'll get it:
http://www.cisco.com/warp/public/556/8.html


You can limit access to particular ports when you place your access lists on the outside interface.

Hope this helps
0
 

Author Comment

by:cliffordgormley
ID: 18812999
Excellent!  Thanks Bill
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

822 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question