• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 427
  • Last Modified:

NAT Specific IPs in Cisco router

We have some IP addresses in a public DNS , assigned for different purposes for instance:
SMTP.mycompany.com =65.65.65.65
OWA.mycompany.com=66.66.66.66

we purchased the IPs listed above from the registrar.
I would like to know how to configure the NAT on Cisco router, so that when it receives:
65.65.65.65 on the external interface of the router it will NAT it and send it to 10.100.100.100 [our exchange Mailbox server IP]
66.66.66.66 on the external interface of the router it will NAT it and send it to 10.100.100.200 [our exchange Front End server IP]

How is this configured in Cisco Router?

thanks

0
jskfan
Asked:
jskfan
  • 3
  • 3
4 Solutions
 
psychogrCommented:
You need to setup PAT on your cisco router.
Below are two links with two nice guides on how to setup NAT/PAT on your router.

http://www.cisco.com/en/US/tech/tk175/tk15/technologies_configuration_example09186a0080093e51.shtml

http://www.routergeek.net/content/view/39/37/

Hope that helps.
0
 
Garry GlendownConsulting and Network/Security SpecialistCommented:
Simplest version without specific port forwarding:
int INSIDEINTERFACENAME
ip nat inside

int OUTSIDEINTERFACENAME
ip nat outside

ip nat inside source static 10.100.100.100 65.65.65.65
ip nat inside source static 10.100.100.200 65.65.65.66

Open in new window

0
 
jskfanAuthor Commented:
I don't know if Port forwarding is mandatory..
The reason I am saying this because 65.65.65.65 will be an IP address reserved  for Exchange server email, when internet users send an email to mycompany.com
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Garry GlendownConsulting and Network/Security SpecialistCommented:
Above commands will do a full nat for the addresses, e.g. providing all ports to the outside ... you may want to block unused ports with a firewall or at least packet filter ....
0
 
jskfanAuthor Commented:
do we need to specify the port [25], or  we don't need to, since 65.65.65.65 is always NATTED to exchange server IP address 10.100.100.100 ???

I also believe we just need to open port 25 for SMTP, 80, 443 foe secure SSL iused by OWA.
0
 
Garry GlendownConsulting and Network/Security SpecialistCommented:
That's what I meant ...

For just specific ports, do something like this:

ip nat inside source static tcp 10.100.100.100 25 65.65.65.65 25 extendable
ip nat inside source static tcp 10.100.100.100 80 65.65.65.65 80 extendable
ip nat inside source static tcp 10.100.100.100 443 65.65.65.65 443 extendable

Open in new window

0
 
jskfanAuthor Commented:
Thanks Guys!
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now