Cisco 891 - "Port Forwarding" over NAT
Is there anyone who will help a friend in need? I have this Cisco 891 router.
I can't remember how to set up port forwarding, as it has been many years since I configured a router.
e.g. forward:
Port 443 (TCP), protocol HTTPS, should be forwarded to 192.168.1.6
My WAN address from the ISP is 176.222.238.146
Current configuration : 6158 bytes
!
! Last configuration change at 19:17:41 UTC Wed Sep 3 2014
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname KBH_Router
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
enable secret 4 DOMrmiA0J9RTNNStEDZgOItWnGiYEf/Wt6LKFbOaX1.
enable password ISAmedia14
!
no aaa new-model
!
crypto pki trustpoint TP-self-signed-3593344322
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3593344322
revocation-check none
rsakeypair TP-self-signed-3593344322
!
!
crypto pki certificate chain TP-self-signed-3593344322
certificate self-signed 01
quit
ip cef
!
!
!
!
!
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 192.168.1.1 192.168.1.20
!
ip dhcp pool ccp-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
!
ip dhcp pool vlan1pool
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 91.143.114.64
!
!
!
no ip domain lookup
ip domain name yourdomain.com
ip name-server 91.143.112.64
ip name-server 91.143.114.64
no ipv6 cef
!
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
license udi pid CISCO891-K9 sn FCZ1811947E
!
!
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 10.108.1.1 255.255.255.0
!
interface FastEthernet0
no ip address
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
no ip address
!
interface FastEthernet3
no ip address
!
interface FastEthernet4
no ip address
!
interface FastEthernet5
no ip address
!
interface FastEthernet6
no ip address
!
interface FastEthernet7
no ip address
!
interface FastEthernet8
no ip address
duplex auto
speed auto
!
interface Virtual-Template1
ip unnumbered Loopback0
ip nat outside
ip virtual-reassembly in
!
interface GigabitEthernet0
description WAN
ip address 176.222.238.146 255.255.255.252
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
no keepalive
!
interface Vlan1
description $ETH_LAN$
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1452
!
interface Async1
no ip address
encapsulation slip
!
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip nat inside source list 1 interface GigabitEthernet0 overload
ip route 0.0.0.0 0.0.0.0 176.222.238.145
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 23 permit 10.10.10.0 0.0.0.7
no cdp run
!
!
!
control-plane
!
!
!
!
mgcp profile default
!
!
!
!
gateway
timer receive-rtp 1200
!
!
banner exec ^C
% Password expiration warning.
-----------------------------------------------------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you
want to use.
-----------------------------------------------------------------------
^C
banner login ^C
-----------------------------------------------------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device.
This feature requires the one-time use of the username "cisco" with the
password "cisco". These default credentials have a privilege level of 15.
YOU MUST USE CISCO CP or the CISCO IOS CLI TO CHANGE THESE
PUBLICLY-KNOWN CREDENTIALS
Here are the Cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you want
to use.
IF YOU DO NOT CHANGE THE PUBLICLY-KNOWN CREDENTIALS, YOU WILL
NOT BE ABLE TO LOG INTO THE DEVICE AGAIN AFTER YOU HAVE LOGGED OFF.
For more information about Cisco CP please follow the instructions in the
QUICK START GUIDE for your router or go to http://www.cisco.com/go/ciscocp
-----------------------------------------------------------------------
^C
!
line con 0
password xxxx
login
line 1
password xxxx
modem InOut
speed 115200
flowcontrol hardware
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
password xxxx
login
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
!
end
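
The forward asked for above, as an added example that is not part of the original post: a static port translation (PAT) entry for TCP/443, using the interface name, inside host and NAT inside/outside roles from the posted configuration. It assumes the server at 192.168.1.6 uses 192.168.1.1 as its default gateway.

```cisco
! Added example, not from the original post.
configure terminal
 ! Map TCP/443 arriving on the WAN interface (GigabitEthernet0, "ip nat outside")
 ! to the inside host 192.168.1.6 on Vlan1 ("ip nat inside").
 ! The existing "ip nat inside source list 1 ... overload" line stays as it is.
 ip nat inside source static tcp 192.168.1.6 443 interface GigabitEthernet0 443
 !
 ! Note: "ip http secure-server" means the router's own HTTPS service also uses 443.
 ! With the static entry in place, connections to the WAN address on 443 are
 ! translated to 192.168.1.6 instead of reaching the router's web interface.
end
!
! Verify: the static entry should be listed with inside local 192.168.1.6:443
! and the WAN address on port 443 as inside global.
show ip nat translations
show ip nat statistics
!
! Save once the forward has been confirmed to work.
copy running-config startup-config
```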