Solved

Need sample config for a Cisco 1921

Posted on 2010-09-04
5
2,848 Views
Last Modified: 2012-08-13
Several years since I did any Cisco routers.

I am familiar with the mechanics of programming them, but lots has changed.

Can anyone provide a sample config for a basic configuration NAT, with normal port forwards (25, 80, 443, 3389, etc...)

Thanks
0
Comment
Question by:DagwoodBumstead
  • 2
  • 2
5 Comments
 
LVL 24

Expert Comment

by:rfc1180
ID: 33604872
something like:

int f0/0
ip address 192.168.1.1 255.255.255.0
 ip nat inside
int f0/1
ip address 64.100.90.1 255.255.255.0
 ip nat outside

access-list 1 permit 192.168.1.0 0.0.0.255

ip nat inside source list 1 interface f0/1 overload

!static ip addresses
ip nat inside source static tcp 64.100.90.1 25 192.168.1.20 25
ip nat inside source static tcp 64.100.90.1 80 192.168.1.21 80
ip nat inside source static tcp 64.100.90.1 443 192.168.1.22 443
ip nat inside source static tcp 64.100.90.1 3389 192.168.1.23 3389

Billy


0
 
LVL 6

Accepted Solution

by:
wpharaon earned 125 total points
ID: 33605885
i agree with the beggining of the configurations
int f0/0
ip address 192.168.1.1 255.255.255.0
 ip nat inside
int f0/1
ip address 64.100.90.1 255.255.255.0
 ip nat outside

access-list 1 permit 192.168.1.0 0.0.0.255

ip nat inside source list 1 interface f0/1 overload

However the static mapping works as:
ip nat inside source static tcp (Inside Local IP add) (local_PORT) (Inside Global IP add) (global_PORT)
So it will be
!static ip addresses
ip nat inside source static tcp  192.168.1.20 25 64.100.90.1 25
ip nat inside source static tcp 192.168.1.21 80 64.100.90.1 80
ip nat inside source static tcp 192.168.1.22 443 64.100.90.1 443
ip nat inside source static tcp 192.168.1.23 3389 64.100.90.1 3389
0
 
LVL 24

Expert Comment

by:rfc1180
ID: 33606702
>However the static mapping works as:
ip nat inside source static tcp (Inside Local IP add) (local_PORT) (Inside Global IP add) (global_PORT)


agreed, did not catch that mistake
0
 

Author Comment

by:DagwoodBumstead
ID: 33615051
Thanks for the responses... in the snippet above, is all egress from the network allowed, or do I need to specify to allow some ports to leave the network?
0
 
LVL 6

Expert Comment

by:wpharaon
ID: 33615161
        access-list 1 permit 192.168.1.0 0.0.0.255
Allow traffic from internal LAN pcs to internet

While:!static ip addresses:
         ip nat inside source static tcp  192.168.1.20 25 64.100.90.1 25  
from internet to 64.100.90.1 port 25 to be destined to Server 192.168.1.20 port 25...
etc
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now