Port Forwarding on Cisco Router
15,595
The problem was in my destination, different from cisco router.
To check if your cisco router is making port forwarding you do:
Router#sh ip nat trans | i 80
Then check if there is an entrance similar to this:
tcp 186.67.181.203:80 192.168.1.20:80 85.72.43.64:51720 85.72.43.64:51720
If it's there, it's making the port forwarding.
Related videos on Youtube
Author by
jacktrades
Updated on September 18, 2022Comments
-
jacktrades over 1 year
I'm a Cisco newbie, have the 1841, with two ethernet interfaces:
interface FastEthernet0/0: Internal Desired destination IP: 186.67.181.140 interface FastEthernet0/1: External World IP 186.67.181.140
Want to make a HTTP port forwarding from External World to Internal IP.
Tried adding this rule, but does not make the forwarding:
ip nat inside source static tcp 192.168.1.20 80 186.67.181.140 80 extendable
Any idea why I don't get the port forwarding right?
Complete configuration:
interface FastEthernet0/0 ip address 192.168.0.1 255.255.255.0 secondary ip address 192.168.1.1 255.255.255.0 ip nat inside ip virtual-reassembly duplex auto speed auto ! interface FastEthernet0/1 ip address 186.67.181.140 255.255.255.248 ip nat outside ip virtual-reassembly duplex auto speed auto ! ip classless ip route 0.0.0.0 0.0.0.0 186.67.181.141 no ip http server no ip http secure-server ip nat inside source list 100 interface FastEthernet0/1 overload ip nat inside source static tcp 192.168.1.20 80 186.67.181.140 80 extendable ! ! access-list 100 permit ip any any access-list 111 permit ip 192.168.1.0 0.0.0.255 any access-list 111 permit ip 192.168.0.0 0.0.0.255 any
-
David Schwartz almost 10 yearsYou don't really describe the problem very well. What exactly happens? How did you test whether the rule was working and what results did you get? (You may have just tested incorrectly -- for example, by testing from inside your own network when your rule only applies to traffic from the outside.)
-
jacktrades almost 10 yearsI try to reach the public ip from a browser and I get connection refused.
-
David Schwartz almost 10 yearsWhere did you test from? Did you test from outside your network? Did you confirm that there's a listening socket bound to 192.168.1.20:80 for traffic to be NATted to?
-
jacktrades almost 10 yearsTested from outside and inside network with the public ip. Does not work. From Inside local ip, webserver at 192.168.1.20 works fine.
-
David Schwartz almost 10 yearsThat's very strange, because connection refused means that something is refusing the connection.
-
jacktrades almost 10 years@DavidSchwartz gist.github.com/crised/5156763e8939d30e65ee
-
jacktrades almost 10 years@DavidSchwartz you were right, problem was with the webserver, I configured it without the default gateway!
-
Admin over 8 yearsdid you allow the the permit any to XXX.XXX.XXX.XXX to the outside interface access-list . You should have an access-group command under the outside interface
-