PPTP and HTTP Port Forwarding with Static NAT on a Cisco Router
     

French Workers Strike Over Pension Reforms
Category:  

Waste Collection Is Everyone's Responsibility
Category:  

Tips When Searching For Perfumes Online
Category:  

The Highest Paid Actress Of The Nineties
Category:  

Mobile Phones: Live Your Hi-tech Dreams to the Fullest
Category:  

How To Get Listed In Yahoo For Free!
Category:  

Omega 3 Fatty Acids can Affect Your Health & Nutrition
Category:  

Do you have a Quality Management System and now you have to do a...
Category:  

Advice on Buying Poker Chip Sets
Category:  

Bhutto's Party Chooses Her Son, Husband as New Party Leaders
Category:  

Calderon Named President-elect of Mexico
Category:  

Your Cooking Common Questions Answered
Category:  

Generic Wellbutrin Approved
Category:Health / Fitness  

Embracing Your Multiple Streams of Passion
Category:  

Unleash It!
Category:self-help  

A Perfect house for sale guide to homebuyers & sellers
Category:Real Estate  

A fixer upper house has to have pretty windows and more!
Category:  

How to Choose the Right Casket
Category:Home And Family  

2 Koreas Exchange Shots Across Demilitarized Zone
Category:  

Josh Turner Long Black Train Country Music CD Review
Category:  

Cell Phone Ringtones 101
Category:Computers  

Forex Trading - 3 Simple Tips for Triple Digit Profits
Category:  

Sony SXRD HDTV Review
Category:Home And Family  

Car loan | Homeowners loan | Secured personal loan | Car finance
Category:  

Finding a target market
Category:  

An Anti-Aging HGH Product Exclusive
Category:Health / Fitness  

How To Install a Trailer Hitch
Category:  

Understanding Your Options For A VOIP Phone
Category:  

Automatic caller distribution systems in call centers
Category:  

How To Access Las Vegas Hotel Discounts Without Making Reservati...
Category:  

How to Find the Owner of Any Phone Number Using Reverse Phone Se...
Category:  

Three Services On One Bill Means Three Times the Savings with Co...
Category:  

China Trade Surplus Set to Hit $150 Billion
Category:  

Vacation in Calmer, Gentler Puerto Morelos
Category:  

Direct TV Satellite Deals for Movie Fans
Category:  

Adding audio to your web site
Category:web-design  

Kenya Investigates Airport Security Breach
Category:  

What Rates And Facilities You Should Expect From Dubai Hotels
Category:  

Negotiations Begin for Burundi Peace Agreement
Category:  

How To Minimize Stress During World Travel and Tours
Category:  

Starting Your Business By The Book
Category:  

%%How to pick the Affiliate Program that will work for you.%%
Category:  

Cedar Creek Grill: Genealogical Society of Utah Hotels
Category:  

Hot Birds need a Bird Bath
Category:  

HSBC Expects Revenue To Rise Rapidly In India
Category:Finance / Investment  

Mobbing Is Emotional Abuse
Category:  

Foreign Policy Issues Top Democrats' Debate
Category:  

Financing Growth
Category:  

Iraqi Military Academy Is Key To Victory
Category:  

Understanding What Reciprocal Linking Means
Category:Business  

US 2008 Presidential Field Expands Quickly
Category:  

US Researchers Report Sharp Rise in Drug-Resistant Infection Dea...
Category:  


Category:  

Heavenly Football With New Orleans Saints Tickets
Category:  

Sony Ericsson K-series phones; offers unlimited
Category:  

Validating Form Input in JavaScript
Category:  

Dishnetworks Customers Are Incredibly Happy With Their Service
Category:  

6 Steps on How to install confidence into your clients.
Category:  

Alaska Cruise Or Land Tour For A Vacation That Warms Your Heart
Category:Travel  

Time Tracking
Category:  

using google adwords to drive traffic
Category:Marketing  

Growing Hibiscus
Category:  

Buy Land And Build A House
Category:  

Chinese Province Receives $500 Thousand Highway Grant
Category:  

Emerging property markets equal African holiday hot spots
Category:  

Meditation: A Great Catholic Bonus
Category:  

Exotic Pets: Degu
Category:  

Belarus Bars Polish Politicians From Celebration
Category:  

India Property
Category:  

Let's Start With The Soup
Category:  

Do You Believe In Hypnosis ?
Category:  

Five Things You Absolutely Need To Know To Become A Successful D...
Category:  

Carpal Tunnel Begins in Your Neck, Not Your Wrist
Category:  

Stock Research ? Home Depot - Great Manager Blows HIMSELF UP
Category:  

Chinese President in Saudi Arabia for Oil, Trade Talks
Category:

       

PPTP and HTTP Port Forwarding with 0 article

PPTP and HTTP Port Forwarding with Static NAT on a Cisco Router

don@soundtraining.

By Don R. Crawley
Category: 0

Submit your Recipes Here!

don@soundtraining.net.


Best regards

Don R. Crawley
http://www.soundtraining.net

PPTP and HTTP Port Forwarding with Static NAT on a Cisco Router
Recently, a student at one of our seminars asked about port
forwarding on a router. She wanted to allow PPTP clients
to connect from the outside to a VPN server on the inside.
In this article, I'll explain how to do it along with a
quick look at using static NAT to forward packets to a web
server.

Port Forwarding on a Cisco Router

Sometimes we have internal resources that need to be
Internet-accessible such as Web servers, mail servers, or
VPN servers. Generally, I recommend isolating those
resources in a DMZ to protect your office LAN from the bad
guys, but regardless of how you choose to design it, the
process involves forwarding desired packets from the
router's outside interface to an internal host. It's
really a fairly simple process. Here's the configuration
on a Cisco 2611 router:

interface Ethernet0/1
ip address 12.1.2.3 255.255.255.0
ip nat outside
!
interface Ethernet0/0
ip address 192.168.101.1 255.255.255.0
ip nat inside
!
ip nat inside source list 101 interface Ethernet0/1 overload
ip nat inside source static tcp 192.168.101.2 1723
interface Ethernet0/1 1723
!
access-list 101 permit ip any any

In the above configuration, Ethernet 0/1 is connected to
the public Internet with a static address of 12.1.2.3 and
Ethernet 0/0 is connected to the inside network with a
static address of 192.168.101.1. NAT outside is configured
on E0/1 and NAT inside is configured on E0/0. Access-list
101 works in conjunction with the "ip nat inside source
list 101 interface Ethernet0/1 overload" statement to
permit all inside hosts to use E0/1 to connect to the
Internet sharing whatever IP address is assigned to
interface Ethernet E0/1.

The "overload" statement implements PAT (Port Address
Translation) which makes that possible. (PAT allows
multiple internal hosts to share single address on an
external interface by appending different port numbers to
each connection.)

The statement "ip nat inside source static tcp
192.168.101.2 1723 interface Ethernet0/1 1723" takes
incoming port 1723 (PPTP) requests on Ethernet0/1 and
forwards them to the VPN server located at 192.168.101.2.

You could do something similar with a Web server by
changing port 1723 to port 80 or port 443. Here's what
that would look like:

interface Ethernet0/1
ip address 12.1.2.3 255.255.255.0
ip nat outside
!
interface Ethernet0/0
ip address 192.168.101.1 255.255.255.0
ip nat inside
!
ip nat inside source list 101 interface Ethernet0/1 overload
ip nat inside source static tcp 192.168.101.2 80 interface
Ethernet0/1 80
!
access-list 101 permit ip any any

In this example, the web server is located at 192.168.101.2
and instead of forwarding PPTP (port 1723) traffic, we're
forwarding HTTP (port 80) traffic.

Obviously, you can configure your Cisco router in a similar
manner to forward nearly any type of traffic from an
outside interface to an internal host.


----------------------------------------------------
Don R. Crawley, CCNA-certified, is president and chief
technologist at soundtraining.net
(http://www.soundtraining.net), the Seattle training firm
specializing in business skills and technical training for
IT professionals. He works with IT pros to enhance their
work, lives, and careers. For a free subscription to
soundbytes, Don's 60-second e-zine for IT pros with
musings, rants, and how-to guides, visit
http://www.soundtraining.net/signup.cfm