Configuration of Cisco router port mappings

Test environment:

Cisco Router Intranet interface F0/1:192.168.1.1 255.255.255.0

External network Interface f0/0:10.0.0.1 255.255.255.0

Server ip:192.168.1.100

First configure on the router:

Router>en #进入特权模式

router#conf T #进入全局配置模式

Enter configuration commands, one per line. End With cntl/z.

Router (config) #access-list 1 permit 192.168.1.0 0.0.0.255 #建立访问控制列表准备做nat转换

Router (config) #ip nat inside source List 1 interface f0/0 #建立NAT转换, converts the address of 192.168.1.0 to the address of the interface f0/0

Router (config) #int f0/1 #进入接口模式

Router (config-if) #ip nat inside #设定f0/1 for NAT internal interface

Router (config-if) #int f0/0 #进入F0/0 Interface mode

Router (config-if) #ip nat outside #设定F0/0 for NAT external interface

Router (config-if) #exit

Router (config) #

NAT has been enabled at this time, the intranet can be online.

Now start port mapping to allow extranet access to intranet servers:

Router (config) #ip nat inside source static TCP 192.168.1.100 5631 10.0.0.1 5631 Extendable

Router (config) #ip nat inside source static TCP 192.168.1.100 5632 10.0.0.1 5632 extendable #因为10.0.0.1 This address has been applied to the f0/0 interface and has done NAT conversion address, here must add extendable this keyword, otherwise the error. If you use another extranet IP such as 10.0.0.2, you can add extendable here.

Now the extranet machine can access the intranet.

Command show ip NAT translations can view NAT conversion

Show run can also find the relevant configuration

Router (config) #exit #退出全局配置模式, using the show command in privileged mode

Router#sho IP NAT Translations

Pro Inside Global Inside local Outside local Outside global

TCP 10.0.0.1:23 192.168.1.100:23------

TCP 10.0.0.1:23 192.168.1.100:23 10.0.0.2:48268 10.0.0.2:48268

TCP 10.0.0.1:5631 192.168.1.100:5631------

TCP 10.0.0.1:5632 192.168.1.100:5632------

Attach: To delete which command, just add no before the command

Add: You telnet is 5631 port, and the server Telnet port is 23

You need to telnet to the server's 5631 port must change the server Telnet port, in the registry, the server's firewall to open the appropriate port.

If you do not change the server port can also map 5631 of the port to the server's 23 port, the command is as follows:

Router (config) #ip nat inside source static TCP 192.168.1.100 10.0.0.1 5631 extendable

To delete the mappings from 5631 to 5631 first, the commands are as follows:

Router (config) #no IP nat inside source static TCP 192.168.1.100 5631 10.0.0.1 5631 Extendable

You must map the 5631 ports of the extranet IP to the server's 23 port without changing the server port. And then you telnet IP 5631 is actually the Telnet server's 23 port

This article from the "Operation and maintenance work Struggle" blog, please be sure to retain this source http://yanghuawu.blog.51cto.com/2638960/827050