NAT with Port Forwarding
NAT port forwarding is typically used to allow remote hosts to connect to a host or server on our private LAN. A host from the Internet will connect to the outside IP address of a router that is configured for NAT. This NAT router will forward traffic to host on the inside. Here is an example:
Above we have three routers, we’ll use these to demonstrate NAT port forwarding. R1 represents an internal Web-Server, where R3 represents user-host on the outside. R2 will make sure that the Web-Server is reachable from the outside using the external IP address.
First we will configure a static route on R1 so it knows how to reach the outside world:
! R1(config)#ip route 0.0.0.0 0.0.0.0 fa1/0 192.168.12.2 !
Now we can worry about the NAT commands. Let’s configure the inside and outside interfaces:
R2(config)#interface FastEthernet 0/0 R2(config-if)#ip nat inside ! R2(config)#interface FastEthernet 1/0 R2(config-if)#ip nat outside
Now we should configure the Port forwarding feature using the outside IP address
When someone try to connect to TCP port 80 on the outside interface of R2, it should be forwarded to R1. Here’s how to do it:
! R2(config)#ip nat inside source static tcp 192.168.12.1 80 192.168.23.2 80 extendable !