Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3712
  • Last Modified:

Forwarding a range of UDP ports on Cisco 881 Router

I have a question that I can't seem to find a solid answer for.  I need setup VOIP port forwarding on a Cisco 881router for a client.  Currently they client only has a single static outside IP for me to work with.  Setting up the static NAT for the single TCP 5060 or single UDP 5060 forward works fine.

The issue is forwarding the Voice UDP port range of 10000 20000 to the inside IP address of the SIP Phone system.  I can't do a 1-to-1 NAT because there are other ports that need to forwarded to a different server.  I have seen two different methods suggested, using a access-list, route-map and a static NAT statement.  The other is to use a "static destination" NAT statement with a rotary command at the end.

I have seen all kinds of opinions on which might work with the Cisco IOS. I am hoping that someone has found a way around this bug.
0
keagle79
Asked:
keagle79
  • 2
1 Solution
 
Tim PhillipsWindows Systems AdministratorCommented:
I think the way to do this is to use the access-list method you mentioned seeing.

Something like:

R6(config)# ip nat pool PORTFWD 192.168.0.50 192.168.0.50 netmask 255.255.255.0 type rotary
R6(config)# access-list 100 permit udp any any range 10000 20000
R6(config)# ip nat inside destination list 100 pool PORTFWD


http://evilrouters.net/2010/05/25/port-forwarding-a-range-of-ports-on-cisco-ios/
0
 
keagle79Author Commented:
I saw that method as well, however some people are saying that it only works with TCP.  Can anyone confirm that this method works with UDP traffic as well?
0
 
keagle79Author Commented:
The answer is valid, unfortunately it will not work for my particular situation.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now