Having problems configuring an 1841 to allow outside access in mapping some ports to internal addresses.
Need to allow the following:
External IP: port 8080 to 192.168.3.50
External IP: port 8081 to 192.168.3.51
Here is the config of the 1841:
FT-ROUTER#sh run
Building configuration...
Current configuration : 2394 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname FT-ROUTER
!
boot-start-marker
boot system flash c1841-ipbasek9-mz.124-20.T.bin
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
ip source-route
!
ip dhcp excluded-address 192.168.3.1 192.168.3.5
ip dhcp excluded-address 192.168.2.1 192.168.2.5
ip dhcp excluded-address 192.168.1.1 192.168.1.5
!
ip dhcp pool MAINDATA
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 68.105.28.16 68.105.29.16
!
ip dhcp pool PUBLICWIFI
network 192.168.2.0 255.255.255.0
default-router 192.168.2.1
dns-server 68.105.28.16 68.105.29.16
!
ip dhcp pool SECURITY
network 192.168.3.0 255.255.255.0
default-router 192.168.3.1
dns-server 68.105.28.16 68.105.29.16
!
!
ip cef
no ip domain lookup
!
interface FastEthernet0/0
ip address 98.190.71.2 255.255.255.240
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
!
interface FastEthernet0/1.100
description FT-MAIN-DATA
encapsulation dot1Q 100
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface FastEthernet0/1.200
description FT-PUBLIC-WIRELESS
encapsulation dot1Q 200
ip address 192.168.2.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface FastEthernet0/1.300
encapsulation dot1Q 300
ip address 192.168.3.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
!
ip default-gateway 98.190.71.1
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 98.190.71.1
!
ip nat inside source list 10 interface FastEthernet0/0 overload
!
access-list 10 permit 192.168.1.0 0.0.0.255
access-list 10 permit 192.168.2.0 0.0.0.255
access-list 10 permit 192.168.3.0 0.0.0.255
Here is a basic diagram:
Best Answer
Your requirement seems to be inbound traffic ,Wants to access servers hosted in inside networks from outside networks . To establish this connectivity static natting has to configure in edge device or perimeter device .
Static NAT
Routet(config)# ip nat inside souce static 192.168 .3.50 X.X.X.X eq 8080
Router(config)#ip nat inside souce static 192.168 3.51 X.X.X.X eq 8081
Where as X.X.X.X is external ie public IP address