Configure Port Forwarding on Cisco 2600
All, I am trying to figure out how to configure port forwarding on a Cisco 2611 router running 12.2.27. For example I have a FTP server in the LAN and it is listening on port 21. When a FTP request comes in on the WAN IP address of the router i.e. 22.214.171.124, I want that request to be forwarded to 192.168.1.110. I looked at cisco's website for any kind of tutorials on how to configure port forwarding. Either cisco calls it something different or cisco is not capable of doing this, I didn't find any tutorial on cisco's site. This is fairly straight forward to configure in a Linksys broadband router. Any ideas to make this work will be greatly appreciated. Thanks in advance.
Port forwarding is part of NAT. You'd have to enable it if it isn't already enabled, define the "inside" and "outside" interfaces, and then make a NAT port translation...
This page shows how: »www.cisco.com/en/US/tech/tk648/t···77.shtml
|reply to Cisco User |
I don't have a 2600, but I believe the command will be the same:
I use the same set up to direct web, ftp, lpd, ssh etc traffic... In my case I direct the traffic to different machines internally, but I coded up the examples below all pointing to the machine you specified. Hopefully this makes it easier for you to see how it applies to your set up.
ip nat inside source list 102 interface Ethernet0 overload
ip nat inside source static tcp 192.168.1.110 515 interface Ethernet0 515
ip nat inside source static tcp 192.168.1.110 21 interface Ethernet0 21
ip nat inside source static tcp 192.168.1.110 23 interface Ethernet0 23
ip nat inside source static tcp 192.168.1.110 22 interface Ethernet0 22
ip nat inside source static tcp 192.168.1.110 25 interface Ethernet0 25
ip nat inside source static tcp 192.168.1.110 80 interface Ethernet0 80
ip nat inside source static tcp 192.168.1.110 443 interface Ethernet0 443
If you look at that last one, it's saying "direct any TCP/port 443 traffic arriving on ethernet 0 (my public facing interface) and direct it to 192.168.1.110
And access list 102 says:
permit ip 192.168.1.0 0.0.0.255 any
There are 10 types of people in the world; those who understand binary and those who don't.