Sunday, January 22, 2012

How To Configure A Static NAT Translation On A Cisco IOS Router

Have you ever needed to reach a web server or email server from outside your network when you didn't have a firewall in place, but had an IOS router instead?  I have seen IOS routers in place for access to the public network instead of an ASA.  Nothing wrong with that if the proper security is in place, but I wanted to cover how you would access a server from the outside if you needed to.  You would do this with a static NAT translation and the proper security ACL.  Let's work with a www server.

First, make sure a couple of things are in place:
interface GigabitEthernet0/0
 description -------- To Internet ----------------
 ip address 70.70.70.82 255.255.255.240
 ip nat outside            <----------- Make sure you have your
 ip access-group 110 in    <----------- Make sure you have proper security

Let's look at the ACL:
access-list 110 permit tcp any host 70.70.70.83 eq www

Let's put our static NAT translation in.  Let's say our www server is 10.10.10.4 on the inside.  Our public address is 70.70.70.83.  Here is the command:
ip nat inside source static 10.10.10.4 70.70.70.83
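
One way to check a saved configuration for the pieces this post relies on, as an added example that is not part of the original post: it confirms that the NAT interfaces are marked, that the outside interface has an inbound ACL, and that the ACL permits the public address on specific ports only. The function name `audit_static_nat` and the inside interface GigabitEthernet0/1 are assumptions, and only numbered ACL entries with an `any` source are parsed.

```python
import re

# Constructed sample: the post's config plus an assumed inside interface (Gi0/1).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/0
 ip nat outside
 ip access-group 110 in
interface GigabitEthernet0/1
 ip nat inside
access-list 110 permit tcp any host 70.70.70.83 eq www
ip nat inside source static 10.10.10.4 70.70.70.83
"""

ACL_RE = re.compile(r"access-list (\d+) permit \S+ any (?:host )?(\S+)(?: eq (\S+))?")
NAT_RE = re.compile(r"ip nat inside source static (\S+) (\S+)")

def audit_static_nat(config):
    """Return findings for one-to-one static NAT entries (numbered ACLs only)."""
    iface, role, acl_in, permits, statics = None, {}, {}, {}, []
    for line in config.splitlines():
        s = line.strip()
        if line.startswith("interface "):
            iface = s.split()[1]
        elif s in ("ip nat inside", "ip nat outside"):
            role[iface] = s.split()[-1]
        elif s.startswith("ip access-group ") and s.endswith(" in"):
            acl_in[iface] = s.split()[2]
        elif m := ACL_RE.fullmatch(s):
            permits.setdefault(m.group(1), []).append((m.group(2), m.group(3)))
        elif m := NAT_RE.fullmatch(s):
            statics.append(m.groups())
    findings = []
    if "inside" not in role.values():
        findings.append("no interface has 'ip nat inside'")
    for i in [i for i, r in role.items() if r == "outside"]:
        acl = acl_in.get(i)
        if acl is None:
            findings.append(f"{i}: no inbound ACL in front of static NAT")
            continue
        for local, public in statics:
            dests = permits.get(acl, [])
            # Inbound ACL runs before translation: it must match the public address.
            if any(d == local for d, _ in dests):
                findings.append(f"ACL {acl} names inside address {local}")
            hits = [p for d, p in dests if d in (public, "any")]
            if not hits:
                findings.append(f"ACL {acl} has no permit for {public}")
            elif None in hits:
                findings.append(f"ACL {acl} opens every port on {public}")
    return findings
```

An empty list means the configuration matches the pattern in this post; each string in the list names one gap to fix before the server is exposed.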