Redirecting Ports - Cisco PIX 500 Series Configuration Manual

NAT Examples

Redirecting Ports

Figure 17-28
be useful.
Figure 17-28
Telnet Server
10.1.1.6
FTP Server
10.1.1.3
Web Server
10.1.1.5
Web Server
10.1.1.7
In the configuration described in this section, port redirection occurs for hosts on external networks as
follows:
•
•
•
•
To implement this configuration, perform the following steps:
Configure PAT for the inside network by entering the following commands:
Step 1
hostname(config)# nat (inside) 1 0.0.0.0 0.0.0.0 0 0
hostname(config)# global (outside) 1 209.165.201.15
Redirect Telnet requests for 209.165.201.5 to 10.1.1.6 by entering the following command:
Step 2
hostname(config)# static (inside,outside) tcp 209.165.201.5 telnet 10.1.1.6 telnet netmask
255.255.255.255
Redirect FTP requests for IP address 209.165.201.5 to 10.1.1.3 by entering the following command:
Step 3
hostname(config)# static (inside,outside) tcp 209.165.201.5 ftp 10.1.1.3 ftp netmask
255.255.255.255
Redirect HTTP requests for the security appliance outside interface address to 10.1.1.5 by entering the
Step 4
following command:
hostname(config)# static (inside,outside) tcp interface www 10.1.1.5 www netmask
255.255.255.255
Cisco Security Appliance Command Line Configuration Guide
17-36
shows an example of a network configuration in which the port redirection feature might
Port Redirection Using Static PAT
10.1.1.1
Inside
Telnet requests to IP address 209.165.201.5 are redirected to 10.1.1.6.
FTP requests to IP address 209.165.201.5 are redirected to 10.1.1.3.
HTTP request to an security appliance outside IP address 209.165.201.25 are redirected to 10.1.1.5.
HTTP port 8080 requests to PAT address 209.165.201.15 are redirected to 10.1.1.7 port 80.
209.165.201.25
Outside
Chapter 17 Configuring NAT
OL-12172-03