NAT + Route-map


Interesting scenario: Company A's router needs to allow IPs from the public range 203.1.1.0/24 to access 2 servers on the LAN, 192.168.1.2 and 192.168.1.3, on port 9101.

This is not your typical static NAT; dynamic NAT would not work either, and definitely not PAT (NAT overload). So what I did was create a route-map that matches an extended access-list permitting only the public IPs on TCP 9101. Then I configured a static NAT for each server on the LAN, using the route-map to define the allowed external source.

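! Permit only the 203.1.1.0/24 sources on TCP 9101; everything else hits the implicit deny
ip access-list extended NAT
 10 permit tcp 203.1.1.0 0.0.0.255 any eq 9101

route-map NAT permit 10
 match ip address NAT

! Replace <PUBLIC IP n> with the public address mapped to each server
ip nat inside source static 192.168.1.2 <PUBLIC IP 1> route-map NAT
ip nat inside source static 192.168.1.3 <PUBLIC IP 2> route-map NAT

! WAN interface
interface g0/0
 ip nat outside
! LAN interface
interface g0/1
 ip nat inside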
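
To check what the access-list entry above actually lets through, here is a small evaluator for that ACL line. It is an added example, not part of the original post; it models only the ACL match (wildcard mask, `eq` port, first match wins, implicit deny), not the NAT translation itself. The function names, the destination 198.51.100.10 and the sample flows are constructed for illustration.

```python
import ipaddress

# The post's ACL entry, embedded as a string for this example.
ACL_NAT = ["10 permit tcp 203.1.1.0 0.0.0.255 any eq 9101"]


def parse_addr(tokens):
    """Consume an IOS address spec: 'any', 'host A', or 'A WILDCARD'."""
    if tokens[0] == "any":
        return (0, 0xFFFFFFFF), tokens[1:]
    if tokens[0] == "host":
        return (int(ipaddress.IPv4Address(tokens[1])), 0), tokens[2:]
    base = int(ipaddress.IPv4Address(tokens[0]))
    wild = int(ipaddress.IPv4Address(tokens[1]))
    return (base, wild), tokens[2:]


def parse_ace(line):
    """Parse '<seq> permit|deny <proto> <src> <dst> [eq <port>]'."""
    t = line.split()
    src, rest = parse_addr(t[3:])
    dst, rest = parse_addr(rest)
    port = int(rest[1]) if rest[:1] == ["eq"] else None
    return {"seq": int(t[0]), "action": t[1], "proto": t[2],
            "src": src, "dst": dst, "dport": port}


def addr_match(spec, ip):
    base, wild = spec
    care = ~wild & 0xFFFFFFFF  # wildcard bits set to 1 are "don't care"
    return int(ipaddress.IPv4Address(ip)) & care == base & care


def acl_permits(acl_lines, proto, src, dst, dport):
    """First matching entry wins; no match falls through to the implicit deny."""
    for ace in sorted(map(parse_ace, acl_lines), key=lambda a: a["seq"]):
        if (ace["proto"] in (proto, "ip") and addr_match(ace["src"], src)
                and addr_match(ace["dst"], dst)
                and ace["dport"] in (None, dport)):
            return ace["action"] == "permit"
    return False


if __name__ == "__main__":
    # Constructed flows: (protocol, source, destination port)
    for proto, src, port in [("tcp", "203.1.1.50", 9101), ("tcp", "203.1.2.50", 9101),
                             ("tcp", "203.1.1.50", 22), ("udp", "203.1.1.50", 9101)]:
        verdict = "permit" if acl_permits(ACL_NAT, proto, src, "198.51.100.10", port) else "deny"
        print(f"{proto} {src} -> :{port}  {verdict}")
```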
