RE: Remote Control through NAT

From: Brian McGahan (brian@xxxxxxxxxxxxxxx)
Date: Mon Jul 15 2002 - 14:03:02 GMT-3

• Next message: Edward Monk: "RE: what is better -- "No Show" or "Go Unprepared""
• Previous message: Nate Van Maren: "Re: DHCP and Secondary Interfaces"
• Maybe in reply to: Dirar Hakeem: "Remote Control through NAT"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
Dirar,
        
        Port forwarding through PAT on a cisco router can be
accomplished with the function called "TCP Load Distribution"
http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113ed_
cr/np1_c/1cipadr.htm#xtocid2128059

        It's actually meant as a round robin type server balancing with
NAT, but it can be used to forward ports. Suppose that your outside
public address is 10.10.10.10, and you're overloading it. The internal
server you want to forward WWW traffic to is 192.168.0.1. The config
would look something like this:

Ip nat pool WWWSERVER 192.168.0.1 192.168.0.1 prefix-length 24 type
rotary
Ip nat inside destination list FORWARD_PORTS pool WWWSERVER
Ip nat inside source list INSIDE_LOCAL interface Ethernet0 overload
!
Ip access-list extended FORWARD_PORTS
 Permit tcp any host 10.10.10.10 eq www
!
Ip access-list standard INSIDE_LOCAL
 Permit 192.168.0.0 0.0.0.255
!
interface Ethernet 0
 ip address 10.10.10.10 255.0.0.0
 ip nat outside
!
interface Ethernet 1
 ip address 192.168.0.1 255.255.255.0
 ip nat inside
!

HTH

Brian McGahan, CCIE #8593
Director of Design and Implementation
brian@cyscoexpert.com

CyscoExpert Corporation
Internetwork Consulting & Training
http://www.cyscoexpert.com
Voice: 847.674.3392
Fax: 847.674.2625

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Dirar Hakeem
Sent: Monday, July 15, 2002 9:15 AM
To: ccielab@groupstudy.com
Subject: Remote Control through NAT

Hi everyone,

I upgraded a Linksys router for a customer to Cisco
2621. The admin uses a remote control application
called VNC to manage his servers remotely. They're
using private addresses, and the Linksys router had a
simple forwarding command to send any packets with the
TCP port number for the application (it uses 59xx
range) to the Admin's PC from which he can then access
other devices.

What is the best way to do this on the Cisco router
(the router is doing NAT, as it has the Firewall
feature pack installed) I don't think "IP
Forward/Helper address" would work because the
application uses TCP and not UDP, and I'm thinking of
a route map, but I'm not sure this would the best
solution.

Thanks for any help.

• Next message: Edward Monk: "RE: what is better -- "No Show" or "Go Unprepared""
• Previous message: Nate Van Maren: "Re: DHCP and Secondary Interfaces"
• Maybe in reply to: Dirar Hakeem: "Remote Control through NAT"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Sep 07 2002 - 19:36:30 GMT-3