All home networking related discussions.
imogthe
New Member
Posts:
19
Joined:
Wed Feb 15, 2006 6:42 am

Cisco IOS NAT with dynamically assigned IP

Wed Feb 15, 2006 6:59 am

Hello

I am trying to use a Cisco 2611 (IOS version 12.0(7)T) router on my home network to allow me to host a web server behind NAT. The only documentation I can find indicates that you _must_ know the public IP address being used at any time.

My current router (a Cisco/Linksys wireless device) allows me to simply forward connections to a specified address on the inside network.

My question is therefore: Is it at all possible to configure the router to do this, or will I have to use something like a perl script to change the "ip nat inside source static ..." configuration when the public IP changes?

I have set up two routers to simulate my local->ISP network and used the following configuration:
---
ip nat pool nat_pool 192.168.1.10 192.168.1.20 netmask 255.255.255.0
ip nat inside source list 1 pool nat_pool
ip nat inside source static 10.0.0.10 0.0.0.0 ## 10.0.0.10 is the s0 interface of the remote router

int e0
ip address 192.168.1.1 255.255.255.0
ip nat outside

int s0
ip address 10.0.0.1 255.255.255.0
ip nat inside
---

I could of course pay my ISP more money to get a static IP address but I'd like to pursue the NAT option first :)

I hope this makes sense and that someone will be able to tell me where I'm going wrong or simply that it can't be done.

Cheers and thanks for your time!

geko29
Ultimate Member
Posts:
952
Joined:
Mon Feb 06, 2006 5:11 pm

Wed Feb 15, 2006 9:37 am

Though I'm not quite clear on your 2 router simulation, I should be able to answer your question. To put a web server behind your router, you'd use a command like:

ip nat inside source static tcp w.w.w.w 80 interface e0 80

Essentially, this tells the router to forward all traffic it receives on e0 (the outside interface), TCP port 80 to your web server at IP w.w.w.w, TCP port 80. You'll still need to allow the traffic to come in, with a line such as:

access-list 101 permit tcp any any eq 80

imogthe
New Member
Posts:
19
Joined:
Wed Feb 15, 2006 6:42 am

Wed Feb 15, 2006 10:51 am

Thank you for replying.

My fault for not being more clear about my two router simulation :(

I was sure there would be a way of doing what I wanted, all I could think of was using the 0.0.0.0 wildcard which did not work. Your suggestion works marvellously! I shall be kicking myself forthwith for not getting it right the first time!

If you're ever in Aberdeen, Scotland, I will buy you a beer or a poison of your choosing.

Cheers and once again thank you very much!


Return to Home Networking

Who is online

Users browsing this forum: No registered users and 82 guests