[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 869
  • Last Modified:

Configure multiple ports for NAT in one command?

Im trying to configure a block of ports to be NAT'd to a machine on the internal network. Its for our new VoIP system. Ports 10000-10500 need to be open and I dont want to have to write this for every single port:

ip nat inside source static udp 192.168.43.230 10000 interface FastEthernet0 10000

Is there a form of this command that will allow to specify the entire range of ports to be NAT'd?
0
vizient
Asked:
vizient
1 Solution
 
TheTechManCommented:
Try creating an IP NAT POOL:

ip nat pool POOL1 192.168.43.230  192.168.43.230  netmask 255.255.255.0 type rotary
ip nat inside source list 1 interface FastEthernet0 overload
ip nat inside destination list MYNATPORTS pool POOL1
!
ip access-list extended MYNATPORTS
 permit udp any any range 10000 15000
0
 
vizientAuthor Commented:
Thanks! I will test it out tonight and let you know how it goes tomorrow morning.
0
 
Jay_GridleyCommented:
If this works I'll add this to my knowledgebase... I've had this same problem myself in the past ;-)
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
PugglewuggleCommented:
Yes, that will work - it's called "Policy NAT" - basically where you use an Access-List to create a "policy" and then apply it to a NAT statement.
Let me know if you need any more help!
Cheers! :-)
0
 
TheTechManCommented:
Hello, did my answer work for you?  Please close out the question if you can?
0
 
TheTechManCommented:
Whooops... sorry...  I misread something.  I'm glad it helped out, and I'm sorry for the confusion here.  Take care!
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now