Question : Cisco Router 1711 (Port-forwarding/NAT) Question

I'm trying to forward traffic to a certain port to a certain computer. I want all outside traffic trying to go to port 80 to get forwarded to port 8080 on this IP address: 10.2.250.17

Here is part of my config:

!
interface Tunnel11
description $FW_INSIDE$
bandwidth 1000
ip address 10.12.11.250 255.255.255.0
ip access-group 100 in
no ip redirects
ip mtu 1436
ip nhrp authentication cisco123
ip nhrp map 10.12.11.1 12.xxx.xxx.xxx
ip nhrp map multicast 12.xxx.xxx.xxx
ip nhrp map 10.12.11.2 65.xxx.xxx.xxx
ip nhrp map multicast 65.xxx.xxx.xxx
ip nhrp network-id 11
ip nhrp holdtime 300
ip nhrp nhs 10.12.11.1
ip nhrp nhs 10.12.11.2
no ip route-cache cef
no ip route-cache
ip ospf network broadcast
ip ospf priority 0
no ip mroute-cache
load-interval 30
delay 1000
qos pre-classify
tunnel source FastEthernet0
tunnel mode gre multipoint
tunnel key 11
tunnel protection ipsec profile vpnprof
!
interface Null0
no ip unreachables
!
interface FastEthernet0
description $FW_OUTSIDE$TO Outside
ip address dhcp
ip access-group 104 in
no ip redirects
ip nat outside
ip inspect DEFAULT100 out
service-policy output Shaper
ip route-cache flow
tx-ring-limit 2
tx-queue-limit 2
speed auto
half-duplex
no cdp enable
!
interface FastEthernet1
switchport mode trunk
switchport voice vlan 2
no ip address
spanning-tree portfast
!
interface FastEthernet2
switchport mode trunk
switchport voice vlan 2
no ip address
spanning-tree portfast
!
interface FastEthernet3
switchport mode trunk
switchport voice vlan 2
no ip address
spanning-tree portfast
!
interface FastEthernet4
switchport mode trunk
switchport voice vlan 2
no ip address
spanning-tree portfast
!
interface Vlan2
description $FW_INSIDE$Voice VLAN
ip address 10.3.250.1 255.255.255.0
ip access-group 103 in
!
interface Vlan1
description $FW_INSIDE$Data VLAN
ip address 10.2.250.1 255.255.255.0
ip access-group 101 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip route-cache flow
ip tcp adjust-mss 1024
!
interface Async1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
!
router ospf 1
router-id 10.12.11.250
log-adjacency-changes
network 10.0.0.0 0.255.255.255 area 0
distance 111 10.12.11.2 0.0.0.0 1
!

Answer : Cisco Router 1711 (Port-forwarding/NAT) Question

The following command should do the trick...

ip nat inside source static tcp 10.2.250.17 8080 interface fastethernet0 80

You'll also need to modify access-list 104 to permit the traffic inside:

access-list 104 permit tcp any any eq 80

Random Solutions

Max length of a Cat5 cable?

Cisco VPN - Windows XP

Snag It - How do I get this expired trial to stop loading at startup?

Application Explorer - Environment Variables - Update without restart

Many Asterisk Questions

Problem starting an APP with Jboss 4.2.2 (EJB3)

how to setup Dyndns on their site to use with a Netgear router

DNS error recurring _ldap._tcp.gc._msdcs.mydom<wbr />ain.com.

DNS Reverse lookup zone multible PTR records

NAT and ACL on 2600