Search This Blog

2012-12-22

Port Forwarding on a Cisco Router

Forwarding Ports using NAT Translation

Run the following command from configure mode:
en
conf t
ip nat inside source static tcp $remoteHost $insidePort interface $interface $globalPort

static - specify a static local->global mapping
$remoteHost - the device behind the nat translation device you wish to access using the $insidePort
$insidePort - the port in which the device is listening on
$interface - specify the interface in which the WAN link is doing the translation
$globalPort - the port in which the interface is listening on

Add a Firwall Exception

Look at your current access list
show ip access-list

Will show the current numbered rules you have on your router

Add a rule prior to the
deny any any
statement or else your rule will be ignored as it comes after blocking all traffic.

Configure Your access list to permist your global port through your router
ip access-list extended $aclName
$seqNum permit tcp any any eq $globalPort

$aclName - the name of the extended access list you created
$seqNum - the sequence number in which the rule should be processed in
$globalPort - the listening port on the external side

No comments:

Post a Comment