Port Forwarding 800 series

Discussion in 'General Cisco Certifications' started by sammy_bibs, Sep 15, 2009.

  1. sammy_bibs

    sammy_bibs Bit Poster

    So a little background,

    I have a BT home hub that forwards all incoming traffic on port 33233 to port 23 (also 33133 to 33133, 8080 to 33033 & 51129 to 51129) Which does a pretty good job of this. (feel free to look 'telnet master.selfip.com 33233 & you will have user level access to my switch' or visit master.selfip.com for a web managed interface I set up on my pc, 'you can login to NW Monitor with guest & no password' is only a test rig I have set up so all is good)

    Anyway I set up an 800 router to use in place of my bthub as from a training perspective it makes good sense & I like to be in control of my hardware, whereas BT Router is on lockdown! But once I had all the configs up and running for internet traffic, routing etc. etc. I cannot for the life of me get my ports forwarding!

    I have this set up for NAT Overload on the outgoing interface, but I want for example;

    - From my pc telnet master.selfip.com 33233
    - My Server running DYNDNS will resolve this to my IP
    - 800 Router to forward incoming connection to destination 192.168.1.X


    Also to make matters even worse, when I did have the 800 set up and working, all vty lines configured and access list wide open, I still could not telnet/ssh into the router from an outside location (would this be to do with using DYNDNS? & if so can you set up a Cisco router to resolve with DYNDNS rather than use my server?)

    Should have gone with BT Business, good old fixed IPs!

    I will post up configs later on (probably middle of night as I am on nights ATM)

    Cheers, Sam.
     
    Certifications: CCNA, CCNP, SCSA, MCSA, BSc
    WIP: IINS
  2. danielno8

    danielno8 Gigabyte Poster

    Can you post up your config? When you try to connect, do you get a connect failed error? I tried setting this up using DG836G and kept getting in, but it only connected and went to blank box, then a few seconds later it went back to c:\ prompt.
     
    Certifications: CCENT, CCNA
    WIP: CCNP
  3. ThomasMc

    ThomasMc Gigabyte Poster

    It would look something like this

    Code:
    ip nat inside source static tcp 10.0.0.1 33233 80.0.0.1 33233 extendable
    
    and you would have an ACL to allow that traffic through also.
     
    Certifications: MCDST|FtOCC
    WIP: MCSA(70-270|70-290|70-291)
  4. sammy_bibs

    sammy_bibs Bit Poster

    Does not fail out, just times out when I try and 'telnet XYZ.XYZ 33233'. It's as if my router does not allow it (which is a lie as I can telnet from the inside network).


    Current configuration : 1334 bytes
    !
    version 12.2
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname Internet
    !
    logging queue-limit 100
    enable secret 5 secretninja
    !
    username sam privilege 15 password 0 secretninja
    ip subnet-zero
    ip domain lookup source-interface Dialer0
    ip name-server 212.159.13.49
    !
    !
    ip audit notify log
    ip audit po max-events 100
    no ftp-server write-enable
    !
    !
    !
    !
    !
    !
    !
    interface Ethernet0
    ip address 192.168.1.65 255.255.255.0
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip nat inside
    no cdp enable
    hold-queue 100 out
    !
    interface ATM0
    no ip address
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    no atm ilmi-keepalive
    pvc 0/38
    encapsulation aal5mux ppp dialer
    dialer pool-member 1
    !
    dsl operating-mode auto
    !
    interface Dialer0
    ip address negotiated
    ip nat outside
    encapsulation ppp
    dialer pool 1
    dialer-group 1
    no cdp enable
    ppp authentication chap callin
    ppp chap hostname [email protected]
    ppp chap password 0 secretninja
    !
    ip nat inside source list 1 interface Dialer0 overload
    ip classless
    ip route 0.0.0.0 0.0.0.0 Dialer0
    no ip http server
    no ip http secure-server
    !
    access-list 1 permit any
    no cdp run
    !
    line con 0
    no modem enable
    stopbits 1
    line aux 0
    stopbits 1
    line vty 0 4
    password ********
    login local
    login
    !
    scheduler max-task-time 5000
    !
    end
     
    Last edited: Sep 16, 2009
    Certifications: CCNA, CCNP, SCSA, MCSA, BSc
    WIP: IINS
  5. Spice_Weasel

    Spice_Weasel Kilobyte Poster

    As Thomas has noted, you'll need to create a translation for the telnet traffic to the internal host. Translate the external address/port (e.g. tcp 33233) to the internal host/port (e.g. tcp 23).

    You should be careful when posting configs to remove sensitive info, passwords, etc.

    Spice_Weasel
     
    Certifications: CCNA, CCNP, CCIP, JNCIA-ER, JNCIS-ER,MCP
    WIP: CCIE
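
The translation described in the two replies above, written out for the posted config as an added example (not code from any poster in this thread). It uses the `interface Dialer0` form of the static NAT command because the outside address is negotiated rather than fixed. Assumptions: 192.168.1.10 stands in for the inside host the thread writes as 192.168.1.X, 203.0.113.0/24 is a placeholder for the remote network that should be allowed in, and the ACL name OUTSIDE-IN and ACL number 10 are arbitrary.

```cisco
! --- Added example; addresses marked "placeholder" are constructed. ---
!
! Static PAT: TCP 33233 arriving on whatever address Dialer0 has
! negotiated is translated to TCP 23 on the inside host.
! 192.168.1.10 = placeholder for the thread's 192.168.1.X
ip nat inside source static tcp 192.168.1.10 23 interface Dialer0 33233
!
! The overload rule in the posted config matches "any". Limit it to the
! inside subnet configured on Ethernet0 (192.168.1.65/24).
no access-list 1
access-list 1 permit 192.168.1.0 0.0.0.255
ip nat inside source list 1 interface Dialer0 overload
!
! Inbound filter on the outside interface. It is evaluated before the
! NAT translation, so it matches the outside port (33233), not port 23.
! 203.0.113.0/24 = placeholder for the permitted remote network.
ip access-list extended OUTSIDE-IN
 permit tcp 203.0.113.0 0.0.0.255 any eq 33233
 deny   tcp any any eq 33233 log
 permit ip any any
!
interface Dialer0
 ip access-group OUTSIDE-IN in
!
! Management access to the router itself: restrict the vty lines to the
! same placeholder network instead of leaving them open to any source.
access-list 10 permit 203.0.113.0 0.0.0.255
line vty 0 4
 access-class 10 in
 login local
```

`show ip nat translations` lists the static entry once it is configured, and hits on the `deny ... log` line show connection attempts to the forwarded port from outside the permitted network.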
  6. sammy_bibs

    sammy_bibs Bit Poster

    Yeah, those passwords I just made up for comedy instead of putting ******* =), secretninja!

    But I will give this a try tomorrow and see how I get on, =)

    Cheers.
     
    Certifications: CCNA, CCNP, SCSA, MCSA, BSc
    WIP: IINS
