08-13-2007 06:18 PM - edited 03-11-2019 03:57 AM
I feel like I understand what I'm doing, but can't figure out why this isn't working.
**********
interface Ethernet0/0
nameif Inside
security-level 100
ip address 192.168.254.254 255.255.255.0
!
interface Ethernet0/3
nameif Outside
security-level 0
ip address dhcp
!
global (Outside) 1 interface
nat (Inside) 1 192.168.254.0 255.255.255.0
nat (Outside) 1 192.168.100.0 255.255.255.0
static (Inside,Outside) tcp interface 5000 192.168.254.1 telnet netmask 255.255.255.255
access-group Outside_In in interface Outside
**********
192.168.254.1 is a router. If I do a debug ip packet on 192.168.254.1, I can see the telnet session coming in - but the place I'm telnet'ing from never sees a response.
Any ideas?
Thanks!
Tom
08-13-2007 06:35 PM
what does the following line do (or what do you think it does)?
nat (Outside) 1 192.168.100.0 255.255.255.0
what does access-list Outside_In look like?
08-13-2007 07:09 PM
Oops....sorry.
nat (Outside) 1 192.168.100.0 255.255.255.0
This was for remote VPN users going back out to the Internet. It has been removed to help troubleshoot.
Here is the access-list I forgot to include:
access-list Outside_In extended permit tcp any interface Outside eq 5000
Thanks!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: