We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is Why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!
  • Full Access to our 581 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)


295 New Members signed up the last 30 days!


100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Tags: , ,

Forum Replies

  1. Rene,

    Your scenario explains forwarding traffic to port 22 for SSH, but further down in your configuration example you are using port 25 for SMTP. Any reason for the change between the scenario and the example configuration??

  2. Hi Ralph,

    That was a typo, I just changed port 25 to 22. Thanks for letting me know!


  3. Hi Taslim,

    Hmm why would you want to do this? :slight_smile: We use PAT in this example so that someone on the Internet is able to connect to a public IP address on the outside so that we can reach our DMZ servers with private IP addresses.

    Our DMZ servers can reach the Internet by using "regular" NAT.


  4. in the lab you type "R2#ssh -l cisco -p 10022" could you tell me what this is?

    thank you in advance

  5. Hi,

    I have a server on our DMZ (, and I need outbound users to be able to connect to it via port 443. Here is my current config, does it make sense / do I need to adjust anything?

    object network Melb_RT_Serv
     nat (outside,dmz) dynamic* interface service 443 443
    object-group Melb_RT_Serv
    access-list Melb_RT_Serv permit tcp any object-group Melb_RT_Serv eq 443

    *since our ISP has provided with a /27 network, would the dynamic command work here?

24 more replies! Ask a question or join the discussion by visiting our Community Forum