Re: OT:Port Forwarding

Hi Faizan,

From my point of view here, Option 1 could work, but not sure about one
thing. Option 2 wouldnt work in this case, because you really want an
"inside destination" natting to occur. In Option 2, the incoming traffic
will not trigger the NAT because its coming from outside, and there is not
static NAT configured and therefore the translation trable will be empty
when the traffic hits the outside interface, even though your ACL is
matching on the return traffic.

Now, back to Option 1. I have not tested a situation where you have 2
policies; the first policy doing a PAT and the second policy doing an Inside
Destination NAT. The config looks OK to me, but can you try again but remove
the PAT (overload on the outside interface)?

Let us know how you get on please.

Later

On Sat, Jun 12, 2010 at 7:59 PM, faizan khurshid <
faizankhurshid921_at_hotmail.com> wrote:

> To Group
>
> i have public pool IP of 252 i m running internet over it Media box is
> situated at inside LAN .my client want port forwarding
> to access Media BOX and its lan ip is 192.168.10.30 i did following
> configuration but couldn't get success
>
> correct me if i m wrong i think due to unavailability of public IP it
> wouldnt
> easy for me to do successful port forwarding
> i did following configuration
>
> interface FastEthernet0/0
> ip address 192.168.30.1 255.255.255.0
> ip
> nat inside
> !
> interface FastEthernet0/1
> ip address
> 210.2.144.150 255.255.255.248
> ip nat outside
> !
> ip nat pool
> Forwarding 192.168.30.10 192.168.30.10 netmask 255.255.255.0 type rotary
> ip
> nat inside source list 101 interface FastEthernet0/1 overload
> ip nat
> inside destination list WOW pool Forwarding
> !
>
> access-list 101
> permit ip 192.168.30.0 0.0.0.255 any
>
> ip access-list extended
> WOW
> permit tcp any any range 19 19000
>
> 2nd configuration i made on assumption that my client have public ip of
> 210.2.144.151
>
>
> ip nat pool Forwarding 210.2.144.151 210.2.144.151 255.255.255.252
>
>
> ip
> access-list extended WOW
> permit tcp 192.168.30.0 0.0.0.0 range 19
> 19000 any
>
> ip nat inside source list WOW pool Forwarding
>
>
>
> Corect me if i m wrong any where
>
>
> Thanks /Regards
>
>
>
> _________________________________________________________________
> Your E-mail and More On-the-Go. Get Windows Live Hotmail Free.
> https://signup.live.com/signup.aspx?id=60969
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>

-- 
CCIE #19963
Blogs and organic groups at http://www.ccie.net