How do I NAT a TCP/UDP port range without entering a seperate NAT for each port? Cisco Forum FAQ

			Search:
	login · register

	Search for: in all FAQs
All FAQs » Cisco Forum FAQ » 40.1 NAT/VPN/ACL/CBAC/Firewall » 13794


How do I NAT a TCP/UDP port range without entering a seperate NAT for each port? (#13794)
The general answer to this question is that it can't be done. However it is possible using a technique that was actually designed for a different purpose, an IP NAT pool. Using a NAT pool means you can specify an ACL (in this case with the port range) but you use a "pool" of a single address and specify the rotary method. In the example below the IP address 192.168.1.10 is the internal address that you wish to forward the range of TCP ports to: ip nat pool p2p 192.168.1.10 192.168.1.10 netmask 255.255.255.0 type rotary ip nat inside destination list 100 pool p2p access-list 100 permit tcp any any range 6881 6999 If you wish to forward UDP port range instead, you can simply replace the tcp parameter on ACL 100 with udp. feedback form by Phraxos edited by nozero last modified: 2007-12-31 13:44:23


Thursday, 21-Aug 05:26:55	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 9 years online! © 1999-2008 dslreports.com. republican-creole