Cisco 877W ADSL Router - Port Forwarding

Discussion in 'General Cisco Certifications' started by jodsclass, Feb 19, 2007.

  1. jodsclass

    Hey Guys. Not been on here for a few months but I really need help with this one. Our BT and Netgear routers here at work finally became obsolete. I basically sat the boss down and said that these crappy routers would no longer support our growing office, so we invested in a SOHO Cisco 877 Router.

    It was an absolute nightmare to get the ADSL working with BT, and after about a day of struggling I got the whole office set up. The problem is I work for a Web Design/Development company. I have built a Development server for us all to work on which works like a dream. The problem is, no matter what I try with regards to NAT I cannot get the router to forward HTTP requests to our dev server. I have set it up to forward port 81 to our internal port 80 on the server and it simply won't forward any traffic. I'm starting to pull my hair out with this and the boss is less than happy.

    I have tried using SDM and SDM express to configure the NAT and it all looks fine, but it just doesn't work. Am I missing something?

    Any help would be much appreciated. Please check out the attached screenshot.

    Thanks in advance

    Jodsclass
     

    Certifications: BSc IT & Web Development
    WIP: MSc Advanced Computing, Oracle Cert
  2. Sparky
    I'm no Cisco expert but I'll give it a shot!

    How many real world IPs do you have? Are they configured on the WAN port? Can you forward any other ports? Do you have the option of configuring a one to one NAT rule?
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) MS-900 AZ-900 Security+ Network+ A+
    WIP: Microsoft Certs
  3. jodsclass

    We have one External IP, which is the static provided by BT. However we are binding this to the interface instead of the IP to try and keep it simple. All the internal IPs are incremental from 192.168.0.1 upwards (depending on DHCP leases).

    I have tried forwarding different ports including VNC and RDP and none work, so there must be a NAT problem somewhere. I have tried configuring a one to one NAT rule to forward public port 81 to private port 80 with no luck at all. It seems to be quite a hard nut to crack.

    Jodsclass
     
  4. Sparky
    Is it possible to configure a one-to-one NAT rule with just the IPs and not the ports? That's the way I have configured other firewalls. Then open the ports separately.

    I assume you can open ports in the Firewall and ACL section.
     
  5. jodsclass

    Yeah. I have tried that as well. Binding the external IP to the internal IP and port, but it just seems to achieve the same result. I have opened up ports 80 and 81 for unrestricted access whilst we test this setup, so I'm pretty sure it's not a firewall issue. The internal to external NAT works perfectly throughout the network, it's just incoming traffic which seems to get completely disregarded.
     
  6. Sparky
    Ok, is there a log file you can use to see if any packets are being dropped? Also how are you testing this just now? Do you have access to a PC remotely?

    Are you testing the URL with http:\\<IP address> ?
     
  7. jodsclass

    Hey Sparky.

    Yeah, I am RDP'd into my home PC. I have set up an A record pointing at our external IP, which is how I have always done it in the past, so if you visit http://dev.kudoswebdesign.com you should hit our router. http://dev.kudoswebdesign.com:81 is set up using NAT to point at the dev server, and the host headers in IIS 6.0 are set up to accept requests from dev.kudoswebdesign.com and the External IP. If I try to connect locally or remotely I get a timeout error. I'll plow through the mountain of logs on this thing and see if I can turn up any access attempts.

    John
     
  8. Sparky

    Attached Files:

  9. jodsclass

    Hey Sparky, that's the Dev Server. It just started working. Bizarre. I haven't changed any settings since I started with this post so it either took a while to propagate or it was one of those weird gremlin problems.

    RESULT!!!!

    Thanks Sparky

    John
     
  10. Sparky
    Nice one mate, when did you make the DNS changes? In some cases it can take 72 hours to replicate. 8)
     
  11. jodsclass

    DNS has been set up for months. We had the same setup, albeit on a smaller scale, before (Company has gone from 4 employees to 20+ in 3 months). I started here as an applications developer but I have become the guy in charge of all tech, from buying/building machines, to the network and software infrastructure. I still get to do some ASP and PHP coding but most of my time is spent fixing our servers or machines, or troubleshooting for the designers and developers. Talk about customising a job role.

    John
     
  12. Sparky
    Good challenge though! :biggrin
     
  13. r.h.lee

    Jodsclass,

    Do you have NAT enabled on the router?
     
    Certifications: MCSE, MCP+I, MCP, CCNA, A+
    WIP: CCDA
  14. Sparky

    Problem fixed mate...

    Solution: Dunno! :biggrin
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) MS-900 AZ-900 Security+ Network+ A+
    WIP: Microsoft Certs
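
The forward discussed in this thread (public TCP 81 to the dev server's TCP 80, bound to the interface rather than to the IP), written out as an IOS configuration. This is an added example, not the original poster's configuration and not from any participant; the interface names, ACL number 101 and every address in it are assumptions.

```cisco
! Added example. Assumed placeholders (none come from the thread):
!   192.168.0.10  dev server, given a fixed address instead of a DHCP lease
!   203.0.113.10  the static public IP on the ADSL side
!   198.51.100.25 the one remote host allowed to test the forward
!   Vlan1 / Dialer0 as the inside / outside interfaces
!   101 as the number of the inbound ACL already applied to Dialer0
!
interface Vlan1
 description LAN
 ip address 192.168.0.1 255.255.255.0
 ip nat inside
!
interface Dialer0
 description ADSL to ISP
 ip address negotiated
 ip nat outside
!
! Outbound PAT for the office (the direction that already worked)
access-list 1 permit 192.168.0.0 0.0.0.255
ip nat inside source list 1 interface Dialer0 overload
!
! Inbound forward: public TCP 81 -> dev server TCP 80.
! "interface Dialer0" binds the rule to the interface, not to a literal IP.
ip nat inside source static tcp 192.168.0.10 80 interface Dialer0 81
!
! If an inbound ACL is applied to Dialer0, it is checked BEFORE the NAT
! translation, so the entry must match the public address and port 81,
! not 192.168.0.10 port 80. Permit one known source rather than "any".
! Add this entry above any deny lines in that ACL:
access-list 101 permit tcp host 198.51.100.25 host 203.0.113.10 eq 81
!
! Checks from the router CLI:
!   show ip nat translations   - the static entry is listed even with no traffic
!   show access-lists 101      - the match counter on the permit line rises
!                                when the test connection arrives
!   show ip nat statistics     - confirms which interfaces are inside/outside
```

Test from a host outside the LAN: with inside/outside NAT as configured here, a LAN client connecting to the public address and port is not translated back to the server, so an internal test can time out even when the forward works.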
