1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Port Forwarding 800 series

Discussion in 'General Cisco Certifications' started by sammy_bibs, Sep 15, 2009.

  1. sammy_bibs

    sammy_bibs Bit Poster

    22
    0
    29
    So a little background,

    I have a BT home hub that forwards all incoming traffic on port 33233 to port 23 (also 33133 to 33133, 8080 to 33033 & 51129 to 51129) Which does a pretty good job of this. (feel free to look 'telnet master.selfip.com 33233 & you will have user level access to my switch' or visit master.selfip.com for a web managed interface I set up on my pc, 'you can login to NW Monitor with guest & no password' is only a test rig I have set up so all is good)

    Anyway I set up a 800 router to use in place of my bthub as from a training prespective it makes good sense & I like to be in cotroll of my hardware, whereas BT Router is on lockdown! But once I had all the configs up and running for internet traffic, routing ect ect I cannot for the life of me get my ports forwarding!

    I have this set up for NAT Overload on the outgoing interface, but I want for example;

    - From my pc telnet master.selfip.com 33233
    - My Server running DYDNS will resolve this to my IP
    - 800 Router to forward incoming connection to destination 192.168.1.X


    Also to make matters even worse, when I did have the 800 set up and working all vty lines configure and acess list wide open I stil could not telnet/ssh into the router from an outside location (would this be to do with using DYNDNS? & if so can you setup cisco router to resolve with DYNDNS rather than use my server?)

    Should have gone with BT Buisiness, good old fixed IP's!

    I will post up configs later on (probabaly middle of night as I am on nights ATM)

    Cheers, Sam.
     
    Certifications: CCNA, CCNP, SCSA, MCSA, BSc
    WIP: IINS
  2. danielno8

    danielno8 Gigabyte Poster

    1,305
    48
    92
    Can you post up your config? when you try to connect, do you get connect failed error? I tried setting this up using DG836G and kept getting in, but it only connected and went to blank box, then a few seconds later it went back to c:\ prompt.
     
    Certifications: CCENT, CCNA
    WIP: CCNP
  3. ThomasMc

    ThomasMc Gigabyte Poster

    1,507
    49
    111
    It would look something like this

    Code:
    ip nat inside source static tcp 10.0.0.1 33233 80.0.0.1 33233 extendable
    
    and you would have an ACL to allow that traffic through also.
     
    Certifications: MCDST|FtOCC
    WIP: MCSA(70-270|70-290|70-291)
  4. sammy_bibs

    sammy_bibs Bit Poster

    22
    0
    29
    Does not fail out, just times out when I try and 'telnet XYZ.XYZ 33233' its as if my router does not allow it, (which is a lie as i can telnet from the inside network)


    Current configuration : 1334 bytes
    !
    version 12.2
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname Internet
    !
    logging queue-limit 100
    enable secret 5 secretninja
    !
    username sam privilege 15 password 0 secretninja
    ip subnet-zero
    ip domain lookup source-interface Dialer0
    ip name-server 212.159.13.49
    !
    !
    ip audit notify log
    ip audit po max-events 100
    no ftp-server write-enable
    !
    !
    !
    !
    !
    !
    !
    interface Ethernet0
    ip address 192.168.1.65 255.255.255.0
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip nat inside
    no cdp enable
    hold-queue 100 out
    !
    interface ATM0
    no ip address
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    no atm ilmi-keepalive
    pvc 0/38
    encapsulation aal5mux ppp dialer
    dialer pool-member 1
    !
    dsl operating-mode auto
    !
    interface Dialer0
    ip address negotiated
    ip nat outside
    encapsulation ppp
    dialer pool 1
    dialer-group 1
    no cdp enable
    ppp authentication chap callin
    ppp chap hostname sambibby@certforums.com
    ppp chap password 0 secretninja
    !
    ip nat inside source list 1 interface Dialer0 overload
    ip classless
    ip route 0.0.0.0 0.0.0.0 Dialer0
    no ip http server
    no ip http secure-server
    !
    access-list 1 permit any
    no cdp run
    !
    ip nat inside source list 1 interface Dialer0 overload
    ip classless
    ip route 0.0.0.0 0.0.0.0 Dialer0
    no ip http server
    no ip http secure-server
    !
    access-list 1 permit any
    no cdp run
    !
    line con 0
    no modem enable
    stopbits 1
    line aux 0
    stopbits 1
    line vty 0 4
    password ********
    login local
    login
    !
    scheduler max-task-time 5000
    !
    end
     
    Last edited: Sep 16, 2009
    Certifications: CCNA, CCNP, SCSA, MCSA, BSc
    WIP: IINS
  5. Spice_Weasel

    Spice_Weasel Kilobyte Poster

    254
    45
    45
    As Thomas has noted, you'll need to create a translation for the telnet traffic to the internal host. Translate the external address/port (e.g. tcp 33233) to the internal host/port (e.g. tcp 23).

    You should be careful when posting configs to remove sensitive info, passwords, etc.

    Spice_Weasel
     
    Certifications: CCNA, CCNP, CCIP, JNCIA-ER, JNCIS-ER,MCP
    WIP: CCIE
  6. sammy_bibs

    sammy_bibs Bit Poster

    22
    0
    29
    Yea those passwords i just made up for comedy instead of putting ******* =), secretninja!

    But I will give this a try tomorrow and see how I get on, =)

    Cheers.
     
    Certifications: CCNA, CCNP, SCSA, MCSA, BSc
    WIP: IINS

Share This Page

Loading...