Re: Ip services questions

From: secondie (secondie@gmail.com)
Date: Thu Jul 27 2006 - 11:11:59 ART

secondie wrote:
> Here is the working config/scenario for NAT:
>
> (PC )10.1.1.1.2 ---- 10.1.1.1 (R1) -- 1.1.1.1 ------1.1.1.2 (R2)
>
> PC goes to 1.1.1.100 port 80 for telnet.
>
> hostname R1
> interface FastEthernet0/0
> ip address 10.1.1.1 255.255.255.0
> ip nat outside
> !
> interface FastEthernet0/1
> ip address 1.1.1.1 255.255.255.0
> ip nat inside
> !
> ip nat inside source static tcp 1.1.1.2 23 1.1.1.100 80 extendable
> no-alias
> ip http server
> no ip http secure-server
> ip classless
>
>
> From my pc at 10.1.1.2
>
> telnet 1.1.1.100 80
> User Access Verification
>
> Password:
> R2> << ========= WORKS !!!!!
>
>
> And the debugs:
>
> R1#debug ip nat IP NAT debugging is on
> R1#
> R1#
> R1#
> *Mar 1 00:29:43.255: NAT: TCP s=2023, d=80->23
> *Mar 1 00:29:43.255: NAT: s=10.1.1.2, d=1.1.1.100->1.1.1.2 [9672]
> *Mar 1 00:29:43.259: NAT: TCP s=23->80, d=2023
> *Mar 1 00:29:43.259: NAT: s=1.1.1.2->1.1.1.100, d=10.1.1.2 [0]
> *Mar 1 00:29:43.259: NAT*: TCP s=2023, d=80->23
> *Mar 1 00:29:43.259: NAT*: s=10.1.1.2, d=1.1.1.100->1.1.1.2 [9673]
> *Mar 1 00:29:43.267: NAT*: TCP s=23->80, d=2023
> *Mar 1 00:29:43.267: NAT*: s=1.1.1.2->1.1.1.100, d=10.1.1.2 [1]
> *Mar 1 00:29:43.267: NAT*: TCP s=2023, d=80->23
> *Mar 1 00:29:43.267: NAT*: s=10.1.1.2, d=1.1.1.100->1.1.1.2 [9674]
> *Mar 1 00:29:43.271: NAT*: TCP s=23->80, d=2023
> *Mar 1 00:29:43.271: NAT*: s=1.1.1.2->1.1.1.100, d=10.1.1.2 [2]
> *Mar 1 00:29:43.275: NAT*: TCP s=2023, d=80->23
> *Mar 1 00:29:43.275: NAT*: s=10.1.1.2, d=1.1.1.100->1.1.1.2 [9675]
> *Mar 1 00:29:43.275: NAT*: TCP s=23->80, d=2023
> *Mar 1 00:29:43.275: NAT*: s=1.1.1.2->1.1.1.100, d=10.1.1.2 [3]
> *Mar 1 00:29:43.279: NAT*: TCP s=2023, d=80->23
> *Mar 1 00:29:43.279: NAT*: s=10.1.1.2, d=1.1.1.100->1.1.1.2 [9676]
> *Mar 1 00:29:43.483: NAT*: TCP s=23->80, d=2023
> *Mar 1 00:29:43.483: NAT*: s=1.1.1.2->1.1.1.100, d=10.1.1.2 [4]
> R1#un all
> All possible debugging has been turned off
>
> HTH
> -secondie
>
>
> Ivan wrote:
>
>
>
>>> Q3:
>>> How can I make a connection to <IP1> TCP port 80 being redirected to
>>> <IP2>
>>> TCP port 23 to access the router CLI?
>>>
>>
>> This can be achieved with static NAT.

This archive was generated by hypermail 2.1.4 : Tue Aug 01 2006 - 07:13:48 ART