Access PC behind 877 DSL router?

Unanswered Question
Aug 4th, 2008
User Badges:

Hi,


I have this Cisco 837 DSl router at work which provides 'guest' access to users in one of our offices. I was wondering how I can give myself remote desktop access to a pc on the guest network over the internet assuming my publc IP is 1.2.3.4.


And another thing the guest network is completely open for outbound internet traffic, we don't block a thing.


I tried adding:


"IP NAT inside source static tcp 10.0.0.70 3389 interface dialer 1 3389"


"Access-list 101 permit tcp host 1.2.3.4 any eq 3389 log"


"Interface dialer 1

ip access-group 101 in"


After adding this nothing worked :) users on this guest network could no longer access the Internet.


Hope you can help



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
n.nandrekar Tue, 08/05/2008 - 00:11
User Badges:
  • Silver, 250 points or more

hi!

the ip access list that you have applied to dialer 1 interface in the above config (access list 101) has an implicit deny at the end. This prevents any other traffic to pass through the interface.

that access-list that you intend to use for not should NOT be applied to the interface. due to this config, internet was not accessable to any guest PCs.


As for the solution, can you try the following thing: (I am not sure if this will work as i have not configured it ever. but you can give it a try)


with the same access-list 101 as above, and pool INSIDE_PC containing 10.0.0.70,


6506-32-PE3(config)#ip nat inside destination list 101 pool INSIDE_PC


Regards,

Niranjan

(pls rate if helpful)

whiteford Tue, 08/05/2008 - 00:35
User Badges:

Hi, got it working by simply allowing DNS inbound:


Access-list 101 permit udp host eq domain any




Actions

This Discussion