Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
500
Views
0
Helpful
1
Replies

Two VLAN's port forwarding to one, problem

Go to solution
HonkyHonk
Level 1
Level 1

‎07-14-2008 04:57 AM - edited ‎03-06-2019 12:10 AM

Hi all

This is my first ever Cisco router for forgive me, if this is a simple matter, but I have spent the entire weekend trying to figure this out - with no luck.

My employer has provided me with a Cisco 871W router for my homeoffice.

The router is pre-configured with two VLANs and BVIs; VLAN1 (BVI1) and VLAN2 (BVI2) for home and office connection on two different subnets (192.168.1.0 and 192.168.0.0).

My office connection is secured with IPSec or something similar - I have not that much insight in that aspect.

The configuration works for normal internet access (www, mail etc) on both networks, and the tunneling to my workplace works fint too.

My problem is that I would like to open up some ports for gaming etc. on the "home"-part of the configuration, but I cannot seems to get that to work.

The attached configuration is my current running configuration, which contains some of my trials on getting this to work, so it might look a bit odd.

If anyone could help me, I would appreciate it.

Regards

Jesper Lauridsen

Labels:
Preview file
7 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jamesl0112
Level 1
Level 1

‎07-15-2008 12:02 AM

Hi,

By the looks of it, you have an extended access list called 'outside_access_in' applied to your outside interface fa4.

You would have to add a rule to this access list allowing the port in question.

You would then need a static NAT entry that would map the port to the internal host.

For instance, if you had a rule to allow port 80 like this:

permit tcp any any eq www

You would also need a NAT entry like this:

ip nat inside source static tcp 192.168.0.10 80 interface FastEthernet4 80

Assuming that 192.168.0.10 was the client PC.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
jamesl0112
Level 1
Level 1

‎07-15-2008 12:02 AM

Hi,

By the looks of it, you have an extended access list called 'outside_access_in' applied to your outside interface fa4.

You would have to add a rule to this access list allowing the port in question.

You would then need a static NAT entry that would map the port to the internal host.

For instance, if you had a rule to allow port 80 like this:

permit tcp any any eq www

You would also need a NAT entry like this:

ip nat inside source static tcp 192.168.0.10 80 interface FastEthernet4 80

Assuming that 192.168.0.10 was the client PC.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card