NAT Specific IPs in Cisco router

We have some IP addresses in a public DNS , assigned for different purposes for instance:
SMTP.mycompany.com =65.65.65.65
OWA.mycompany.com=66.66.66.66

we purchased the IPs listed above from the registrar.
I would like to know how to configure the NAT on Cisco router, so that when it receives:
65.65.65.65 on the external interface of the router it will NAT it and send it to 10.100.100.100 [our exchange Mailbox server IP]
66.66.66.66 on the external interface of the router it will NAT it and send it to 10.100.100.200 [our exchange Front End server IP]

How is this configured in Cisco Router?

thanks

jskfanAsked:
Who is Participating?
 
psychogrConnect With a Mentor Commented:
You need to setup PAT on your cisco router.
Below are two links with two nice guides on how to setup NAT/PAT on your router.

http://www.cisco.com/en/US/tech/tk175/tk15/technologies_configuration_example09186a0080093e51.shtml

http://www.routergeek.net/content/view/39/37/

Hope that helps.
0
 
Garry GlendownConnect With a Mentor Consulting and Network/Security SpecialistCommented:
Simplest version without specific port forwarding:
int INSIDEINTERFACENAME
ip nat inside

int OUTSIDEINTERFACENAME
ip nat outside

ip nat inside source static 10.100.100.100 65.65.65.65
ip nat inside source static 10.100.100.200 65.65.65.66

Open in new window

0
 
jskfanAuthor Commented:
I don't know if Port forwarding is mandatory..
The reason I am saying this because 65.65.65.65 will be an IP address reserved  for Exchange server email, when internet users send an email to mycompany.com
0
Firewall Management 201 with Professor Wool

In this whiteboard video, Professor Wool highlights the challenges, benefits and trade-offs of utilizing zero-touch automation for security policy change management. Watch and Learn!

 
Garry GlendownConnect With a Mentor Consulting and Network/Security SpecialistCommented:
Above commands will do a full nat for the addresses, e.g. providing all ports to the outside ... you may want to block unused ports with a firewall or at least packet filter ....
0
 
jskfanAuthor Commented:
do we need to specify the port [25], or  we don't need to, since 65.65.65.65 is always NATTED to exchange server IP address 10.100.100.100 ???

I also believe we just need to open port 25 for SMTP, 80, 443 foe secure SSL iused by OWA.
0
 
Garry GlendownConnect With a Mentor Consulting and Network/Security SpecialistCommented:
That's what I meant ...

For just specific ports, do something like this:

ip nat inside source static tcp 10.100.100.100 25 65.65.65.65 25 extendable
ip nat inside source static tcp 10.100.100.100 80 65.65.65.65 80 extendable
ip nat inside source static tcp 10.100.100.100 443 65.65.65.65 443 extendable

Open in new window

0
 
jskfanAuthor Commented:
Thanks Guys!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.