Skip to main content
Viptela is now part of Cisco.
Support
Product Documentation
Viptela Documentation

port-forward

vpn interface nat port-forward—On a vEdge router operating as a NAT gateway, create port-forwarding rules to allow requests from an external network to reach devices on the internal network (on vEdge routers only). You can create up to 128 rules.

You configure NAT port forwarding on interfaces in the WAN transport VPN (VPN 0).

vManage Feature Template

For vEdge routers only:

Configuration ► Templates ► VPN Interface Cellular (for vEdge cellular wireless routers only)
Configuration ► Templates ► VPN Interface Ethernet
Configuration ► Templates ► VPN Interface NAT Pool
Configuration ► Templates ► VPN Interface PPP

Command Hierarchy

vpn 0 
  interface interface-name
    nat
      port-forward port-start port-number1 port-end port-number2 
        proto (tcp | udp) private-ip-address ip-address private-vpn vpn-id

Options

Port or Range of Ports
port-start port-number1 port-end port-number2
Define the port or port range of interest. port-number1 must be less than or equal to port-number2. To apply port forwarding to a single port, specify the same port number for the starting and ending numbers. When applying port forwarding to a range of ports, the range includes the two port numbers that you specify—port-number1 and port-number2. Packets whose destination port matches the configured port or ports are forwarded to the internal device.
Range: 0 through 65535
Private Server
private-ip-address ip-address
IP address of the internal device to which to direct traffic that matches the port-forwarding rule.
Private VPN
private-vpn vpn-id
Private VPN in which the internal device resides. This VPN is one of the VPN identifiers in the overlay network.
Range: 0 through 65535
Protocol
(tcp | udp)
Protocol to which to apply the port-forwarding rule. To match the same ports for both TCP and UDP traffic, configure two rules.

Example

Configure a NAT port filter:

vEdge(config-nat)# show full-configuration 
vpn 0
 interface ge0/7
  nat
   port-forward port-start 80 port-end 90 proto tcp
    private-vpn        1
    private-ip-address 10.10.1.2
   !
  !
 !
!

Release Information

Command introduced in Viptela Software Release 15.1.​

Additional Information

See the Configuring NAT Port Forwarding article for your software release.

  • Was this article helpful?