ip nat inside source static udp 192.168.1.254 23 63.1.1.1 23
Works just fine on my 1605R. You could also redirect to the same port on
multiple inside devices by using different outside ports (same as with the
Linksys and no doubt the Netgear):
ip nat inside source static udp 192.168.1.254 23 63.1.1.1 23
ip nat inside source static udp 192.168.1.253 23 63.1.1.1 22
ip nat inside source static udp 192.168.1.252 23 63.1.1.1 21
The only Cisco product at the moment that doesn't support port redirection
is the PIX, and even that feature will be added soon.
--
Jason Roysdon, CCNP+Security/CCDP, MCSE, CNA, Network+, A+
List email: [EMAIL PROTECTED]
Homepage: http://jason.artoo.net/
""Ken Claussen"" wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Fred,
> My experience is with the Netgear RT314, but the Linksys 1/4/8 port Cable
> Modem Router/switch perform almost the same function. These routers allow
> for port redirection true, but there is one small caveat. If I understand
> correctly you want to telnet to several different boxes inside your
network
> from outside. You can accomplish this, but not directly. These routers
only
> allow for port forwarding of any single port to any single host, different
> ports may go to different host true, but you may only port forward telnet
to
> a single machine on your internal network. However you could setup that
> machine to then telnet to all your other internal hosts. From a security
> perspective this would be more secure because you are only directly
exposing
> a single host to the outside. The filters, although difficult to setup in
> some cases, allow for quite robust filtering/logging (Linksys does not
> support syslog, Netgear does). The routers are also usually pretty secure
> out of the box, although I would recommend adjusting the filters to drop
ALL
> Source-Routed packets and ALL RFC 1918 addresses that originate from
outside
> the router. These are the two biggest weaknesses of these little routers,
> otherwise they make an excellent first layer of defense, especially when
> used with some host based firewall such as Zone Alarm or Black Ice. I use
it
> for my terminal server and a webserver and it has server me extremely
well.
> So far I have not seen any security advisories concerning any of these
> devices, check www.practicallynetworked.com for more in depth reviews and
> performance comparisons of the different models/manufacturers, it is an
> excellent site.
>
> PS I have a Cisco 1605R 12.1(5)T and I am using it alongside my Netgear
> RT314, so far I have not been able to find a way to "Port Forward" on the
> Cisco Device. I am using DHCP to get an address from my Cable Provider and
> that works great, but I cannot "Map" a port to an internal address. I
would
> love for someone to correct me on a way to do this, AFAIK this is one of
the
> only advantages these little $100-$200 Cable Modem routers have over there
> big brother Cisco routers. Otherwise they have less RAM/CPU resources and
> are not hardware upgradeable.
>
> Ken Claussen MCSE CCNA CCA
> "The Mind is a Terrible thing to Waste!"
>
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Fred Danson
> Sent: Saturday, April 14, 2001 4:24 PM
> To: [EMAIL PROTECTED]
> Subject: NAT capabilities of small Netgear/Linksys router [7:657]
>
>
> Hey Group,
>
> I am considering buying a small Netgear/Linksys router so I can link my
> computer, terminal server, and power supply to the internet through my
cable
>
> modem using NAT (actually it would be considered NAT overload or PAT, but
> Netgear and Linksys call it NAT). All of the Netgear/Linksys
advertisements
> that I have seen are very vague about their NAT capabilities.
>
> My goal is to have the ability to telnet to any of my inside devices from
an
>
> outside location. To do this, I would need to setup static PAT tables,
> right? Does anyone know if any of these small routers support this?
>
> Thanks in advance,
> Fred
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=677&t=657
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
