NAT a TCP Port Range

From: John Hooper (homith@homith.com)
Date: Tue Feb 26 2008 - 05:06:03 ARST

• Next message: John: "ospf neighbors"
• Previous message: Huan Pham: "RE: BGP Problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Good Afternoon Group,
                                    I was asked this question by a workmate
today which I had a little trouble getting working. Lets say we want to NAT a
port range from an external address to a host internal. I have a host on the
inside network (192.168.1.10/24). The inside address on the router is
192.168.1.1/24. The outside facing the internet is 10.26.12.10/24 and what we
want to achieve is translate a range of TCP ports from lets say from 8000/tcp
- 8500/tcp. One method I though of was this:

ip nat inside source static 192.168.1.10 10.26.12.10 route-map TCP_RANGE
extendable

access-list 100 permit tcp host 192.168.1.10 range 8000 8500 any

route-map TCP_RANGE permit 10
match ip address 100

Can anyone see a flaw in this or is there a better way of doing this. Any
suggestions would be most appreciate.

Regards

John

• Next message: John: "ospf neighbors"
• Previous message: Huan Pham: "RE: BGP Problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Mar 01 2008 - 16:54:49 ARST