Cisco 1720 port forwarding

alura

Hi guys,

I have a Cisco 1720 router... serial interface is to a frame relay and eth0 is to our internal network. I would like to set up a "port forwarding" sort of deal to forward all incoming traffic on TCP port 25 to our SMTP gateway, which is also inside our network. Here is my config file; any help or suggestions would be appreciated.


!
version 12.0
service timestamps debug uptime
service timestamps log uptime
service password-encryption
no service dhcp
!
hostname GBT_1720
!
logging buffered 10000 debugging
!
!
!
!
!
memory-size iomem 20
ip subnet-zero
no ip finger
no ip domain-lookup
ip name-server 192.168.200.10
ip name-server 192.168.200.11
ip name-server 64.8.0.6
ip name-server 64.9.0.6
!
ip inspect max-incomplete high 1100
ip inspect one-minute high 1100
ip inspect name FastEthernet_0 tcp
ip inspect name FastEthernet_0 udp
ip inspect name FastEthernet_0 cuseeme
ip inspect name FastEthernet_0 ftp
ip inspect name FastEthernet_0 h323
ip inspect name FastEthernet_0 rcmd
ip inspect name FastEthernet_0 realaudio
ip inspect name FastEthernet_0 smtp
ip inspect name FastEthernet_0 streamworks
ip inspect name FastEthernet_0 vdolive
ip inspect name FastEthernet_0 sqlnet
ip inspect name FastEthernet_0 tftp
ip inspect name FastEthernet_0 http java-list 3 audit-trail on
ip inspect name Serial_0 tcp
!
!
process-max-time 200
!
interface Serial0
description connected to Internet
ip address 64.9.11.146 255.255.255.252
ip access-group 101 in
no ip directed-broadcast
ip nat outside
ip inspect Serial_0 in
encapsulation ppp
fair-queue 64 256 0
service-module t1 timeslots 1-4
service-module t1 remote-alarm-enable
no cdp enable
!
interface FastEthernet0
description connected to EthernetLAN
ip address 192.168.200.2 255.255.255.0
ip access-group 100 in
no ip directed-broadcast
ip nat inside
ip inspect FastEthernet_0 in
no cdp enable
!
router rip
version 2
passive-interface Serial0
network 192.168.200.0
no auto-summary
!
ip nat pool GBT_1720-natpool-0 64.9.11.141 64.9.11.141 netmask 255.255.255.252
ip nat inside source list 1 pool GBT_1720-natpool-0 overload
ip nat inside source static tcp 192.168.200.11 25 interface Serial0 25
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0
ip route 172.18.26.0 255.255.255.0 192.168.200.3 permanent
ip route 172.18.27.0 255.255.255.0 192.168.200.3 permanent
ip route 172.18.28.0 255.255.255.0 192.168.200.3 permanent
ip route 172.18.29.0 255.255.255.0 192.168.200.3 permanent
ip route 172.18.30.0 255.255.255.0 192.168.200.3 permanent
ip route 172.18.31.0 255.255.255.0 192.168.200.3 permanent
ip route 172.18.32.0 255.255.255.0 192.168.200.3 permanent
ip route 172.18.33.0 255.255.255.0 192.168.200.3 permanent
ip route 192.168.0.0 255.255.255.0 192.168.200.3 permanent
ip route 192.168.1.0 255.255.255.0 192.168.200.3 permanent
ip route 192.168.100.0 255.255.255.0 192.168.200.3 permanent
ip http server
!
logging trap debugging
logging 192.168.200.208
access-list 1 permit 192.168.200.0 0.0.0.255
access-list 3 permit any
access-list 100 permit ip any any
access-list 101 permit icmp any any
no cdp run
!
!
 
I am sure this has appeared before on this forum, but you need to define a NAT statement like this one:

ip nat inside source static tcp x.x.x.x 25 y.y.y.y 25 extendable

where, according to your conf:

x.x.x.x = 192.168.200.x (your SMTP box)
y.y.y.y = 64.9.11.141 (the public IP onto which you overload)

good luck...
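
A check that could be run against a configuration like the one posted above, as an added example that is not part of the original thread: it lists static TCP port forwards and reports whether the inbound ACL on the "ip nat outside" interface has a matching permit, since IOS evaluates that ACL before the outside-to-inside translation. Assumptions: ACL matching is simplified (addresses ignored, only "eq" port tests, a small constructed table of port keywords), the function names are hypothetical, and SAMPLE is a constructed excerpt of the posted config.

```python
# Constructed excerpt: NAT- and ACL-relevant lines of the config posted above.
SAMPLE = """\
interface Serial0
 ip access-group 101 in
 ip nat outside
interface FastEthernet0
 ip access-group 100 in
 ip nat inside
ip nat inside source static tcp 192.168.200.11 25 interface Serial0 25
access-list 100 permit ip any any
access-list 101 permit icmp any any
"""
PORT_NAMES = {"smtp": 25, "telnet": 23, "www": 80}  # subset of IOS port keywords

def parse(config):
    """Return (static TCP forwards, {outside iface: inbound ACL}, {ACL: entries})."""
    forwards, acl_in, outside, acls, iface = [], {}, [], {}, None
    for w in (line.split() for line in config.splitlines() if line.strip()):
        if w[0] == "interface":
            iface = w[1]
        elif w[:2] == ["ip", "access-group"] and w[-1] == "in":
            acl_in[iface] = w[2]
        elif w == ["ip", "nat", "outside"]:
            outside.append(iface)
        elif w[:6] == ["ip", "nat", "inside", "source", "static", "tcp"]:
            a = [t for t in w[6:] if t != "extendable"]
            forwards.append((a[0], int(a[1]), int(a[-1])))  # local ip, local port, global port
        elif w[0] == "access-list":
            acls.setdefault(w[1], []).append(w[2:])
    return forwards, {i: acl_in.get(i) for i in outside}, acls

def acl_permits_tcp(entries, port):
    """First match wins. Simplified: addresses ignored, only 'eq' port tests."""
    for e in entries:
        if len(e) < 2 or e[1] not in ("ip", "tcp"):
            continue  # other protocols (e.g. icmp) never match a TCP segment
        if "eq" in e:
            tok = e[e.index("eq") + 1]
            if PORT_NAMES.get(tok, int(tok) if tok.isdigit() else -1) != port:
                continue
        return e[0] == "permit"
    return False  # implicit deny at the end of every ACL

def audit(config):
    """One finding per forward: (outside iface, ACL, global port, inside host, reachable)."""
    forwards, outside_acl, acls = parse(config)
    return [(i, acl, gport, ip, acl is None or acl not in acls or acl_permits_tcp(acls[acl], gport))
            for ip, _lport, gport in forwards for i, acl in outside_acl.items()]

if __name__ == "__main__":
    print(audit(SAMPLE))
```

A finding whose last field is False means the forward exists in NAT but the outside ACL drops the traffic before translation; a narrowly scoped permit for that one TCP port is the usual fix, rather than opening the ACL broadly.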
 