 Home --> Cisco Tips --> Dynamic NAT Configuration Kenny Taylor, CCNA I don't think I've ever set up a NAT firewall for a business without immediately punching holes through it. NAT is great, but there will always be interior services that the world will need to access. This quick tutorial assumes a couple of things: 1) you already have your NAT up and running correctly and 2) you have a single internet connection on Ethernet0/0. Every home user needs a web server, right? Let's assume that your LAN subnet is 192.168.0.0/24 and you have a web server with an internal address of 192.168.0.20. We want to map TCP port 80 from your WAN interface to 192.168.0.20. ip nat inside source static tcp 192.168.0.20 80 interface ethernet0/0 80 Using "interface ethernet0/0" is handy, because if your WAN connection has a dynamic IP, you don't have to reconfigure the NAT mapping every time your public IP changes. If you have a static IP, say 24.161.1.23, you can do this instead: ip nat inside source static tcp 192.168.0.20 80 24.161.1.23 80
|