Access to VLAN subnet from WAN

rsabapathee · ‎03-09-2007

hi,

I would like to access to a VLAN subnet from WAN.

In my setup, I have a Cisco 1841 which does the VLAN routing. 2 VLANS are defined: native vlan and vlan 172. All PCs are on native VLAN while VLAN 172 used for Voice equipment.

It has 2 routes:

1st route to ADSL router: ip route 0.0.0.0 0.0.0.0 192.168.1.2

2nd route to a wireless network

ADSL gateway on native VLAN.

I can connect through dyndns to any PC on the native VLAN, but would like to access to a PC on vlan 172 on SSH (port 22).

How do I do the routing on the ADSL gateway to forward any traffic on port 22 to the PC (172.16.0.11) on VLAN 172?

Thanks

hoogen_82 · ‎03-09-2007

Hmm.. i am not yet sure about your network, but i guess PBR could work.

!

Route-map ssh permit 10

match ip address 101

set ip default next-hop 172.16.0.11

!

route-map ssh permit 20

!

access-list 101 permit tcp any any eq 22

!

I may not have got the syntax correct but this is a skeleton configuration on which you can work.

Identify from where the traffic is coming from and apply ip policy route-map ssh

Cheers

Hoogen

rsabapathee · ‎03-09-2007

thanks for reply.

But it sounds you are saying to configure this command on the ADSL gateway. The gateway is a non-cisco router, which does not know about the 172.16.0.0 network.

Only the cisco router which does the VLAN routing knows about that network.

Amit Singh · ‎03-09-2007

Please paste the your network diagram and configuration of the router.

-amit singh