Accesing router from outside

Unanswered Question
Amit Singh Fri, 03/30/2007 - 10:14

Hello,


Please find the link below for configuring the NAT on the router:


http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094e77.shtml


You can enable telnet on the router to access it from outside.Please configure the valid IP to access the router from outside


Conf t


username ABC password 123

enable secret 12345


access-list 1 permit host


Line vty 0 4

login local

access-class 1 in

transport input telnet


The link below will help you creating the telnet access-list to allow access from outside


http://www.cisco.com/warp/public/105/ACLsamples.html


HTH,

-amit singh

royalblues Fri, 03/30/2007 - 11:02

Though the configuration mentioned by amit on the vty lines would be good from a security point of view, the access-list could be a problem if you get dynamic ip assignment from the ISP


I would suggest using SSH though


Narayan

Danilo Dy Mon, 04/02/2007 - 06:45

If you are accessing your router from a single ISP outside, you can try to WHOIS your ISP netblock from one of the following (depends on your geographic location);


ARIN http://www.arin.net

APNIC http://www.apnic.net

LACNIC http://lacnic.net/en/

RIPE NCC http://www.ripe.net/

AFRINIC http://www.afrinic.net/


And put your ISP prefix in ACL 1. Some ISP have multiple prefixes for different use, ADSL, Office Connect, IDC, etc.. At least this way you have implemented some level of security which allows only "few" networks to be able to access your router. If in case your router is hacked, you know that the hacker is someone connected to your ISP and you can ask your ISP for the hacker details :)


Actions

This Discussion