Cisco 857 Unable to forward ports to server

Unanswered Question
Apr 17th, 2007
User Badges:

Hi there,

I'm having issues configuring a Cisco 800 series router.

basically I have followed many guids on adding the port forwards both telnet session and via SDM

I have added the line

ip nat inside source static tcp 3389 interface dialer0 3389

Which should do the job of forwarding port 3389 from the interface dialer0 to port 3389 on the SBSERVER (

I have gone thought the firewall configuration wizard also but that fails when getting ot the stage of applying the config (usually fails withing first command or 2!)

Here is my current configuration without the line above which is not responding to ping or doing any port forwards.



can be found here

Kind Regards

Liam Wheldon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
leanne489 Wed, 04/18/2007 - 03:20
User Badges:


You have a static nat statement (ip nat inside source static

I dont see an int with this inside ip as a result the ip nat inside soucrce static tcp will be over ridded by the previous command and would never work this might explain why all access to public ip from outside fails as translation to inside ip is not valid try sh ip nat translations and sh ip nat statistics to very pls.

shocker-z Wed, 04/18/2007 - 05:12
User Badges:

Hi Thanks for your reply, I've resolved this issue by resetting the router loading a bare minimal config and then creating the routes and configuring the firwall.

Didnt notice the IP that you pointed out in the config when i looke though, thanks alot.

Is there a way to forward 1723 VPN port to the server? i have done so and get verifying username and password but then get error 721 it's like the server is unable to communicate back to my client to verify.



leanne489 Wed, 04/18/2007 - 07:10
User Badges:


Thats good that the nat is working as for vpn have you allowed gre traffic (ip 47) through the router as well as pptp something like (access-list 101 permit gre any any)for gre.

Also not sure if problem could be related to nat config as i have seen a few problems listing pptp passthrough with 800 series concerning 12.4 and various nat problems if i remember the pix (6.3) cannot do pptp pass through if outside int is running ppoe and nat overload.

shocker-z Wed, 04/18/2007 - 07:45
User Badges:

That's great mate, i added that but no joy but then added via the SDM and working great now :)

Thanks so much for all your help

After a total of 7 hours infront of a cisco does that make me qualified? lol

I understand the working of them now so am happy.



leanne489 Wed, 04/18/2007 - 12:10
User Badges:


Thats good news best if you will be using cisco gear again on a regular basis would be to "buy" from e-bay a 1601 router and 2900 switch and build your own lab but stay away from sdm ,pdm config maker etc as you wont get familiar with the cli this way .


This Discussion