From the network topology, we have a web server that has been assigned a private IP address for security reasons.
The task is to configure router A to statically allow access to the web server on port 80 for all in-coming traffics to the public IP assigned to the router. In this demonstration, out ISP assigned public IP is 192.168.2.1 while the web server’s privately assigned IP is 192.168.1.3
Port forwarding on cisco router
Objective:
Our goal is to configure static NAT on the router in such a way that http requests to 192.168.2.1 from host B or any other host on the internet will be redirected to the web server. This will ensure that the IP of the Web server is not advertised to the internet.
Parameters:
Router A public IP: 192.168.2.1 (Yes, it is not a public IP. Just for demonstration purpose)
>>The first statement simply instructs the router to allow http request to 192.168.2.1(the public IP on
the router) to be redirected to an inside source address, in this case 192.168.1.3. HTTP is a TCP protocol that makes use of port 80.
>> Interface f0/0 is the interface connecting to the ISP and is named outside
>> Interface f0/1 connects to the LAN and is named inside interface.
To verify the workings of this setup, we will open a web browser on host B and type in router A’s public IP. This should take us to the web server. On your packet Tracer, click on host B, go to desktop and click on web browser. Type in the IP of router A’s WAN interface and hit the enter key. The result should be as shown below:
This configuration was done, assuming that other basic configurations had been done. For a guide on the complete configuration required on both routers, from start to finish, see the output of show run command on both routers.
RouterA:
interface FastEthernet0/0
ip address 192.168.2.1
255.255.255.0
ip nat outside
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.1.1
255.255.255.0
ip nat inside
duplex auto
speed auto
!
interface Vlan1
no ip address
shutdown
!
ip nat pool timigate
192.168.2.1 192.168.2.1 netmask 255.255.255.255
ip nat inside source list 1
pool timigate overload
ip nat inside source static
tcp 192.168.1.3 80 192.168.2.1 80
This site uses functional cookies and external scripts to improve your experience.
Privacy settings
Privacy Settings
This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.
NOTE: These settings will only apply to the browser and device you are currently using.
Advertising
This site uses functional cookies and external scripts to improve your experience.