Re: NATing Port Range - IOS from swap m on 2010-07-11 (Ccielab archives 07/2010)

From: swap m <ccie19804_at_gmail.com>
Date: Sun, 11 Jul 2010 11:51:27 +0400

try using destination/rotary nat, even though its well known that it
works for only TCP, you should test in on newer codes, never know it
may work.

#ip nat pool LOCAL x.x.x.x x.x.x.x type rotary
#ip access-l ex INTERNET-TO-INSIDE
perm udp any host <z.z.z.z> range 10000 20000
# ip nat inside destination INTERNET-TO-INSIDE pool LOCAL

Test it and let us know.

Swap
#19804x2

On Sat, Jul 10, 2010 at 3:53 AM, ccie study <cciestudy_at_hotmail.com> wrote:
> FYI - ports I'm trying to forward through are: UDP Voice 10000 to 20000. These
> are Voice ports (5060 works).
>
> Thank you
>
>> From: cciestudy_at_hotmail.com
>> To: ccielab_at_groupstudy.com
>> Subject: NATing Port Range - IOS
>> Date: Fri, 9 Jul 2010 23:21:37 +0000
>>
>> Hi,
>>
>> I'm trying to nat a port range in IOS (12.4) router.
>>
>> What I like to do is:
>>
>> anyone form the internet Y.Y.Y.Y hitting my IP address of my outside router
>> interface Z.Z.Z.Z on ports 10,000 to 20,000 -> forward them to a internal
> host
>> (keep the ports) X.X.X.X.
>>
>> I'm have success when I configure each ONE port per each line - but when
> ever
>> I do port range using either pools, ACLs, route-maps with my NAT I'm not
> able
>> to get this to work. Again - it works when I do example: port 10,001 to
> 10,001
>> but when I do range from 10,000 to 20000 - no luck.
>>
>> Anyone ever tried this? Is this even supported in IOS? One would think this
> is
>> a simple thing to do - but I've been having issues for some time now trying
> to
>> figure this out.
>>
>> Thank you for help.
>>
>>
>>
>>
>> _________________________________________________________________
>> The New Busy is not the too busy. Combine all your e-mail accounts with
>> Hotmail.
>>
> http://www.windowslive.com/campaign/thenewbusy?tile=multiaccount&ocid=PID2832
>> 6::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_4
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>>
>>
>>
>>
>>
>
> _________________________________________________________________
> The New Busy think 9 to 5 is a cute idea. Combine multiple calendars with
> Hotmail.
> http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID283
> 26::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Sun Jul 11 2010 - 11:51:27 ART

This archive was generated by hypermail 2.2.0 : Sun Aug 01 2010 - 19:19:15 ART