Community
Switches, Hubs, and Modems
cancel
turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Specific port forwarding on 7102

SOLVED
Go to solution
Topic Options
Ryan_G
Ryan_G
Frequent Advisor

‎04-22-2008 09:05 PM

‎04-22-2008 09:05 PM

Specific port forwarding on 7102

HI Guys

How do i forward a port (say 3389) coming in from the internet to a internal host on a different port (i.e 3389)?

I have the following lists: Not sure where to put in the source port.

!
ip access-list extended wizard-pfwd-3
remark Port Forward 3
permit tcp any host 121.50.211.62 eq 5020 log
!
ip access-list extended wizard-pfwd-4
remark Port Forward 4
permit tcp any host 121.50.211.62 eq 5021 log
!
ip policy-class Private
allow list self self
nat source list wizard-ics interface ppp 1 overload
!
ip policy-class Public
nat destination list wizard-pfwd-1 address 192.168.11.23
nat destination list wizard-pfwd-2 address 192.168.11.23
nat destination list wizard-pfwd-3 address 192.168.11.27
nat destination list wizard-pfwd-4 address 192.168.11.28
!
0 Kudos
4 REPLIES
Matt Hobbs
Matt Hobbs
Honored Contributor

‎04-23-2008 07:53 PM

‎04-23-2008 07:53 PM

Solution

Re: Specific port forwarding on 7102

You're almost there Ryan. If you're using the web-interface (best web-int in the market in my opinion) when in the Security Zones, Public, Add Policy to Zone - select Port Forward and then Forward only traffic specified below with port translation.

Configure it as you would and you should end up with something like:

!
ip access-list extended wizard-pfwd-3
remark Port Forward 3
permit tcp any host 121.50.211.62 eq 5020 log
!
ip access-list extended wizard-pfwd-4
remark Port Forward 4
permit tcp any host 121.50.211.62 eq 5021 log
!
ip policy-class Private
allow list self self
nat source list wizard-ics interface ppp 1 overload
!
ip policy-class Public
nat destination list wizard-pfwd-1 address 192.168.11.23 port 3389
nat destination list wizard-pfwd-2 address 192.168.11.23 port 3389
nat destination list wizard-pfwd-3 address 192.168.11.27 port 3389
nat destination list wizard-pfwd-4 address 192.168.11.28 port 3389
!

The only bit missing from your config is that 'port 3389' after the nat destination.
0 Kudos
Ryan_G
Ryan_G
Frequent Advisor

‎04-23-2008 08:01 PM

‎04-23-2008 08:01 PM

Re: Specific port forwarding on 7102

Cheers Matt

That was too easy. I just wasnt looking in the Security Zones section. I was trying to do it through the wizard (which can't set it up).

Your a dead set legend. Your help on the forums is awesome.
0 Kudos
Ryan_G
Ryan_G
Frequent Advisor

‎04-23-2008 08:02 PM

‎04-23-2008 08:02 PM

Re: Specific port forwarding on 7102

See Matt's Answer.
0 Kudos
Matt Hobbs
Matt Hobbs
Honored Contributor

‎04-23-2008 08:21 PM

‎04-23-2008 08:21 PM

Re: Specific port forwarding on 7102

Always a pleasure Ryan (as long as the points keep flowing!).
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.