How do I NAT a TCP port range without entering a seperate NAT for each port? Cisco Forum FAQ

republican-creole			Search:
	login · register

	Search for: in all FAQs
All FAQs » Cisco Forum FAQ » 40.1 NAT/VPN/ACL/CBAC/Firewall » 13794


How do I NAT a TCP port range without entering a seperate NAT for each port? (#13794)
The general answer to this question is that it can't be done. However it is possible using a technique that was actually designed for a different purpose, an IP NAT pool. Using a NAT pool means you can specify an ACL (in this case with the port range) but you use a "pool" of a single address and specify the rotary method. In the example below the IP address 192.168.1.10 is the internal address that you wish to forward the range of TCP ports to: ip nat pool p2p 192.168.1.10 192.168.1.10 netmask 255.255.255.0 type rotary ip nat inside destination list 100 pool p2p access-list 100 permit tcp any any range 6881 6999 feedback form by Phraxos edited by aryoba last modified: 2009-09-13 03:40:56


Wednesday, 11-Nov 05:16:33	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com.