# Routeur Nat interne

## <span class="svelte-1fz0gqk">Documentation : Redirection de port sur routeur Cisco</span>

### <span class="svelte-1fz0gqk">Lister les redirections de port</span>

<span class="svelte-1fz0gqk">Pour afficher les règles de redirection (NAT statique) actives :</span>

```
show ip nat translations
```

<div class="copy-container svelte-clssou" id="bkmrk-"><button class="button svelte-na4a2u type size--tiny type--plain-faint theme--default icon-only icon-start tooltip--bottom" data-sveltekit-reload="true" role="button"><svg class="icon" fill="none" height="20" viewbox="0 0 20 20" width="20" xmlns="http://www.w3.org/2000/svg"><path clip-rule="evenodd" d="M6.529 8.07c0-.851.69-1.542 1.541-1.542h8.334c.851 0 1.541.69 1.541 1.542v8.334c0 .85-.69 1.541-1.541 1.541H8.07c-.851 0-1.541-.69-1.541-1.541zm1.541-.125a.125.125 0 0 0-.125.125v8.334c0 .069.056.125.125.125h8.334a.125.125 0 0 0 .125-.125V8.07a.125.125 0 0 0-.125-.125zM1.792 3.333c0-.851.69-1.541 1.541-1.541h8.334c.851 0 1.541.69 1.541 1.541v1.09a.708.708 0 0 1-1.416 0v-1.09a.125.125 0 0 0-.125-.125H3.333a.125.125 0 0 0-.125.125v8.334c0 .069.056.125.125.125h1.09a.708.708 0 1 1 0 1.416h-1.09c-.851 0-1.541-.69-1.541-1.541z" fill="currentColor" fill-rule="evenodd"></path></svg></button></div><span class="svelte-1fz0gqk">Pour voir la configuration complète incluant les règles statiques :</span>

```
show running-config | include ip nat inside source
```

### <span class="svelte-1fz0gqk">Comprendre la redirection</span>

<span class="svelte-1fz0gqk">Dans votre cas, l’accès à </span>`10.123.33.205`<span class="svelte-1fz0gqk"> redirige vers </span>`192.168.120.2`<span class="svelte-1fz0gqk"> (Proxmox) car une règle NAT statique est configurée, probablement de ce type :</span>

```
ip nat inside source static tcp 192.168.120.2 80 10.123.33.205 80
```

<div class="copy-container svelte-clssou" id="bkmrk--1"><button class="button svelte-na4a2u type size--tiny type--plain-faint theme--default icon-only icon-start tooltip--bottom" data-sveltekit-reload="true" role="button"><svg class="icon" fill="none" height="20" viewbox="0 0 20 20" width="20" xmlns="http://www.w3.org/2000/svg"><path clip-rule="evenodd" d="M6.529 8.07c0-.851.69-1.542 1.541-1.542h8.334c.851 0 1.541.69 1.541 1.542v8.334c0 .85-.69 1.541-1.541 1.541H8.07c-.851 0-1.541-.69-1.541-1.541zm1.541-.125a.125.125 0 0 0-.125.125v8.334c0 .069.056.125.125.125h8.334a.125.125 0 0 0 .125-.125V8.07a.125.125 0 0 0-.125-.125zM1.792 3.333c0-.851.69-1.541 1.541-1.541h8.334c.851 0 1.541.69 1.541 1.541v1.09a.708.708 0 0 1-1.416 0v-1.09a.125.125 0 0 0-.125-.125H3.333a.125.125 0 0 0-.125.125v8.334c0 .069.056.125.125.125h1.09a.708.708 0 1 1 0 1.416h-1.09c-.851 0-1.541-.69-1.541-1.541z" fill="currentColor" fill-rule="evenodd"></path></svg></button></div>---

### <span class="svelte-1fz0gqk">Désactiver temporairement la redirection</span>

**<span class="svelte-1fz0gqk">Sur les routeurs Cisco traditionnels (IOS), il n’existe pas de commande pour désactiver temporairement une règle NAT statique sans la supprimer.</span>**  
<span class="svelte-1fz0gqk">La seule solution est de </span>**<span class="svelte-1fz0gqk">supprimer</span>**<span class="svelte-1fz0gqk"> la règle, puis de la </span>**<span class="svelte-1fz0gqk">réinsérer</span>**<span class="svelte-1fz0gqk"> si besoin. </span><button class="inline-citation svelte-ixv2oh" type="button"><svg class="icon" height="24" viewbox="0 0 24 24" width="24" xmlns="http://www.w3.org/2000/svg"><path clip-rule="evenodd" d="M13.434 4.434a4.336 4.336 0 0 1 6.132 6.132l-3.998 3.997a4.3 4.3 0 0 1-6.14-.003.8.8 0 1 1 1.143-1.12 2.7 2.7 0 0 0 3.857 0l.006-.006 4-4a2.735 2.735 0 1 0-3.869-3.868l-.5.5a.8.8 0 0 1-1.13-1.132zm-3.6 4.051a4.3 4.3 0 0 1 4.737.955.8.8 0 0 1-1.143 1.12 2.7 2.7 0 0 0-3.857 0l-.005.006-4 4a2.735 2.735 0 1 0 3.868 3.868l.5-.5a.8.8 0 1 1 1.132 1.132l-.5.5a4.336 4.336 0 0 1-6.132-6.132l3.997-3.997a4.3 4.3 0 0 1 1.403-.952" fill-rule="evenodd"></path></svg></button>

#### <span class="svelte-1fz0gqk">Supprimer la règle :</span>

```
configure terminal
no ip nat inside source static tcp 192.168.120.2 [port] 10.123.33.205 [port]
```

<div class="copy-container svelte-clssou" id="bkmrk--3"><button class="button svelte-na4a2u type size--tiny type--plain-faint theme--default icon-only icon-start tooltip--bottom" data-sveltekit-reload="true" role="button"><svg class="icon" fill="none" height="20" viewbox="0 0 20 20" width="20" xmlns="http://www.w3.org/2000/svg"><path clip-rule="evenodd" d="M6.529 8.07c0-.851.69-1.542 1.541-1.542h8.334c.851 0 1.541.69 1.541 1.542v8.334c0 .85-.69 1.541-1.541 1.541H8.07c-.851 0-1.541-.69-1.541-1.541zm1.541-.125a.125.125 0 0 0-.125.125v8.334c0 .069.056.125.125.125h8.334a.125.125 0 0 0 .125-.125V8.07a.125.125 0 0 0-.125-.125zM1.792 3.333c0-.851.69-1.541 1.541-1.541h8.334c.851 0 1.541.69 1.541 1.541v1.09a.708.708 0 0 1-1.416 0v-1.09a.125.125 0 0 0-.125-.125H3.333a.125.125 0 0 0-.125.125v8.334c0 .069.056.125.125.125h1.09a.708.708 0 1 1 0 1.416h-1.09c-.851 0-1.541-.69-1.541-1.541z" fill="currentColor" fill-rule="evenodd"></path></svg></button></div>> <span class="svelte-1fz0gqk">Exemple : </span>`no ip nat inside source static tcp 192.168.120.2 80 10.123.33.205 80`<span class="svelte-1fz0gqk"> </span><button class="inline-citation svelte-ixv2oh" type="button"><svg class="icon" height="24" viewbox="0 0 24 24" width="24" xmlns="http://www.w3.org/2000/svg"><path clip-rule="evenodd" d="M13.434 4.434a4.336 4.336 0 0 1 6.132 6.132l-3.998 3.997a4.3 4.3 0 0 1-6.14-.003.8.8 0 1 1 1.143-1.12 2.7 2.7 0 0 0 3.857 0l.006-.006 4-4a2.735 2.735 0 1 0-3.869-3.868l-.5.5a.8.8 0 0 1-1.13-1.132zm-3.6 4.051a4.3 4.3 0 0 1 4.737.955.8.8 0 0 1-1.143 1.12 2.7 2.7 0 0 0-3.857 0l-.005.006-4 4a2.735 2.735 0 1 0 3.868 3.868l.5-.5a.8.8 0 1 1 1.132 1.132l-.5.5a4.336 4.336 0 0 1-6.132-6.132l3.997-3.997a4.3 4.3 0 0 1 1.403-.952" fill-rule="evenodd"></path></svg></button>

#### <span class="svelte-1fz0gqk">Réactiver plus tard :</span>

<span class="svelte-1fz0gqk">Réexécutez la commande NAT sans </span>`no`<span class="svelte-1fz0gqk">.</span>

#### <span class="svelte-1fz0gqk">Sauvegarder :</span>

```
write memory
```

### <span class="svelte-1fz0gqk">Remarque</span>

<span class="svelte-1fz0gqk">Sur les équipements </span>**<span class="svelte-1fz0gqk">Cisco ASA/Firepower</span>**<span class="svelte-1fz0gqk"> (avec interface graphique), il est possible de </span>**<span class="svelte-1fz0gqk">désactiver</span>**<span class="svelte-1fz0gqk"> une règle NAT sans la supprimer via une option </span>*<span class="svelte-1fz0gqk">Enable/Disable</span>*<span class="svelte-1fz0gqk">. </span><button class="inline-citation svelte-ixv2oh" type="button"><svg class="icon" height="24" viewbox="0 0 24 24" width="24" xmlns="http://www.w3.org/2000/svg"><path clip-rule="evenodd" d="M13.434 4.434a4.336 4.336 0 0 1 6.132 6.132l-3.998 3.997a4.3 4.3 0 0 1-6.14-.003.8.8 0 1 1 1.143-1.12 2.7 2.7 0 0 0 3.857 0l.006-.006 4-4a2.735 2.735 0 1 0-3.869-3.868l-.5.5a.8.8 0 0 1-1.13-1.132zm-3.6 4.051a4.3 4.3 0 0 1 4.737.955.8.8 0 0 1-1.143 1.12 2.7 2.7 0 0 0-3.857 0l-.005.006-4 4a2.735 2.735 0 1 0 3.868 3.868l.5-.5a.8.8 0 1 1 1.132 1.132l-.5.5a4.336 4.336 0 0 1-6.132-6.132l3.997-3.997a4.3 4.3 0 0 1 1.403-.952" fill-rule="evenodd"></path></svg></button><span class="svelte-1fz0gqk"> Cette fonctionnalité </span>**<span class="svelte-1fz0gqk">n’existe pas sur les routeurs Cisco IOS classiques</span>**<span class="svelte-1fz0gqk">. </span>

<div class="copy-container svelte-clssou" id="bkmrk--4"><button class="button svelte-na4a2u type size--tiny type--plain-faint theme--default icon-only icon-start tooltip--bottom" data-sveltekit-reload="true" role="button"><svg class="icon" fill="none" height="20" viewbox="0 0 20 20" width="20" xmlns="http://www.w3.org/2000/svg"><path clip-rule="evenodd" d="M6.529 8.07c0-.851.69-1.542 1.541-1.542h8.334c.851 0 1.541.69 1.541 1.542v8.334c0 .85-.69 1.541-1.541 1.541H8.07c-.851 0-1.541-.69-1.541-1.541zm1.541-.125a.125.125 0 0 0-.125.125v8.334c0 .069.056.125.125.125h8.334a.125.125 0 0 0 .125-.125V8.07a.125.125 0 0 0-.125-.125zM1.792 3.333c0-.851.69-1.541 1.541-1.541h8.334c.851 0 1.541.69 1.541 1.541v1.09a.708.708 0 0 1-1.416 0v-1.09a.125.125 0 0 0-.125-.125H3.333a.125.125 0 0 0-.125.125v8.334c0 .069.056.125.125.125h1.09a.708.708 0 1 1 0 1.416h-1.09c-.851 0-1.541-.69-1.541-1.541z" fill="currentColor" fill-rule="evenodd"></path></svg></button></div>