AboutPricingCommunityTeamsStart Free TrialLog in
Avatar of huffmana
huffmana
Flag for United States of America asked on

What Cisco device do I need to do ip address and port mapping

What Cisco device do I need to do ip address and port mapping?  I need to translate incoming destinations and ports into internal destination host and port.  Something like this:
-  using Cox IP 98.175.98.10 as our outside static IP address in this example.
DESTINATION                      REPLACEMENT DEST
map 98.175.98.10 8443  to 192.168.168.100 443
map 98.175.98.10 8080  to 192.168.168.101 80

With an IN acl like this
permit 215.50.5.0/24 any

Will a 2921 do this or do I need an ASA firewall?
CiscoNetworking
Avatar of undefined
Last Comment
huffmana
8/22/2022 - Mon
max_the_king
Hi,
you will probably do that into the ASA firewall, although it is possible to do it into the router (2921).
It depends on which one is managing NAT; having both it is more likely that you do that on ASA. Besides, 2921 might belong to your ISP.

hope this helps
max
huffmana
ASKER
Thanks max_the_king.  Yes the 2921 is NAT overloading the outside Static IP address.  I am managing the 2921.  The NAT is working but how do I configure the incoming Port Mapping?
ASKER CERTIFIED SOLUTION
max_the_king
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
Predrag Jovic
max_the_king's code is OK, except the part that ACL is, most likely, not needed.
Static source NAT is correctly configured (if interfaces are configure with "ip nat inside | ip nat outside" should be OK).
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
huffmana
ASKER
I ended up getting an ASA because it'll be easier manage ports.  The 2921 will NAT and PAT and ACL could close ports....  I'll try anyway, but the ASA5520 has 4 GI ports and things like DMZ.... it was only $130 on ebay.
huffmana
ASKER
Great help you guys.  I appreciate your expert advise.
Plans and Pricing
Resources
Product
Podcasts
Careers
Contact Us
Teams
Certified Expert Program
Credly Partnership
Udemy Partnership
Privacy Policy
Terms of Use

© 1996-2023 Experts Exchange, LLC. All rights reserved. Covered by US Patent