?
Solved

NAT Specific IPs in Cisco router

Posted on 2011-09-27
7
Medium Priority
?
425 Views
Last Modified: 2012-05-12
We have some IP addresses in a public DNS , assigned for different purposes for instance:
SMTP.mycompany.com =65.65.65.65
OWA.mycompany.com=66.66.66.66

we purchased the IPs listed above from the registrar.
I would like to know how to configure the NAT on Cisco router, so that when it receives:
65.65.65.65 on the external interface of the router it will NAT it and send it to 10.100.100.100 [our exchange Mailbox server IP]
66.66.66.66 on the external interface of the router it will NAT it and send it to 10.100.100.200 [our exchange Front End server IP]

How is this configured in Cisco Router?

thanks

0
Comment
Question by:jskfan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 8

Accepted Solution

by:
psychogr earned 500 total points
ID: 36708660
You need to setup PAT on your cisco router.
Below are two links with two nice guides on how to setup NAT/PAT on your router.

http://www.cisco.com/en/US/tech/tk175/tk15/technologies_configuration_example09186a0080093e51.shtml

http://www.routergeek.net/content/view/39/37/

Hope that helps.
0
 
LVL 18

Assisted Solution

by:Garry Glendown
Garry Glendown earned 1500 total points
ID: 36708676
Simplest version without specific port forwarding:
int INSIDEINTERFACENAME
ip nat inside

int OUTSIDEINTERFACENAME
ip nat outside

ip nat inside source static 10.100.100.100 65.65.65.65
ip nat inside source static 10.100.100.200 65.65.65.66

Open in new window

0
 

Author Comment

by:jskfan
ID: 36712216
I don't know if Port forwarding is mandatory..
The reason I am saying this because 65.65.65.65 will be an IP address reserved  for Exchange server email, when internet users send an email to mycompany.com
0
Ransomware Attacks Keeping You Up at Night?

Will your organization be ransomware's next victim?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with our Ransomware Prevention Kit!

 
LVL 18

Assisted Solution

by:Garry Glendown
Garry Glendown earned 1500 total points
ID: 36712293
Above commands will do a full nat for the addresses, e.g. providing all ports to the outside ... you may want to block unused ports with a firewall or at least packet filter ....
0
 

Author Comment

by:jskfan
ID: 36714749
do we need to specify the port [25], or  we don't need to, since 65.65.65.65 is always NATTED to exchange server IP address 10.100.100.100 ???

I also believe we just need to open port 25 for SMTP, 80, 443 foe secure SSL iused by OWA.
0
 
LVL 18

Assisted Solution

by:Garry Glendown
Garry Glendown earned 1500 total points
ID: 36714759
That's what I meant ...

For just specific ports, do something like this:

ip nat inside source static tcp 10.100.100.100 25 65.65.65.65 25 extendable
ip nat inside source static tcp 10.100.100.100 80 65.65.65.65 80 extendable
ip nat inside source static tcp 10.100.100.100 443 65.65.65.65 443 extendable

Open in new window

0
 

Author Closing Comment

by:jskfan
ID: 36714976
Thanks Guys!
0

Featured Post

Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses
Course of the Month12 days, 19 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question