dslreports logo

The general answer to this question is that it can't be done.

However it is possible using a technique that was actually designed for a different purpose, an IP NAT pool. Using a NAT pool means you can specify an ACL (in this case with the port range) but you use a "pool" of a single address and specify the rotary method.

In the example below the IP address 192.168.1.10 is the internal address that you wish to forward the range of TCP ports to:


ip nat pool p2p 192.168.1.10 192.168.1.10 netmask 255.255.255.0 type rotary
ip nat inside destination list 100 pool p2p
access-list 100 permit tcp any any range 6881 6999


Notes:
* This tip has been tested working with various routers within various network topology
* Similar attempts have been tried on UDP traffic to no avail. Therefore it is safely assumed that this tip does not work on UDP traffic.


Feedback received on this FAQ entry:
  • Worked well thanks

    2012-10-26 16:18:49



Expand got feedback?

by Phraxos See Profile edited by aryoba See Profile
last modified: 2015-08-17 12:51:47