12-21-2008 07:45 AM - edited 03-06-2019 03:05 AM
Hey All,
I am trying allow Remote Desktop Access through my 1711 router thats using PPPOE. I have configured the following line in my config
ip nat source static udp 10.1.20.2 3389 interface dialer 1 3389
but I cant RDP to the computer on my network with the IP of 10.1.20.2. I need to make this computer accessible from the internet via RDP but at the same time allow other computers access to the internet. Here is a copy of my config as well. Is it because I am missing an access-list??
Current configuration : 1790 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Cisco_1711
!
boot-start-marker
boot-end-marker
!
enable password 7 052D1400265F1B5F4E5D
!
no aaa new-model
ip cef
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
no ip dhcp use vrf connected
!
ip dhcp pool Data_Vlan_20
network 10.1.20.0 255.255.255.0
default-router 10.1.20.1
!
!
ip domain name home.com
!
!
!
!
username xxxxxxxxx password 7 xxxxxxxxxx
!
!
!
!
!
!
interface FastEthernet0
no ip address
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface FastEthernet1
!
interface FastEthernet2
switchport access vlan 30
!
interface FastEthernet3
!
interface FastEthernet4
switchport access vlan 20
!
interface Vlan1
no ip address
!
interface Vlan20
ip address 10.1.20.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1380
!
interface Vlan30
ip address 192.168.150.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1380
!
interface Dialer1
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
ppp authentication chap callin
ppp pap sent-username xxxxxxx password 7 xxxxxxxx
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
!
no ip http server
no ip http secure-server
ip nat source static udp 10.1.20.2 3389 interface Dialer1 3389
ip nat inside source list NAT_ADDRESSES interface Dialer1 overload
!
ip access-list extended NAT_ADDRESSES
permit ip host 10.1.20.2 any
permit ip host 192.168.150.2 any
permit ip host 10.1.20.3 any
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
privilege level 15
login local
transport input ssh
!
end
Solved! Go to Solution.
12-21-2008 10:45 PM
Greetings,
RDP uses tcp to establish the connection on port 3389, try changing your static nat statement to this:
ip nat source static tcp 10.1.20.2 3389 interface Dialer1 3389
Regards,
Sannie
12-21-2008 10:45 PM
Greetings,
RDP uses tcp to establish the connection on port 3389, try changing your static nat statement to this:
ip nat source static tcp 10.1.20.2 3389 interface Dialer1 3389
Regards,
Sannie
12-22-2008 05:44 PM
I added
ip nat source static tcp 10.1.20.2 3389 interface Dialer1 3389
but I still can not RDP to this computer over the internet. RDP works on the internal network so I know its not a windows issue. Is their a debug command I can run to see whats happening?
12-22-2008 09:48 PM
1-can you add the keyword: extendable at the end of the rdp nat and try again?
2-r you making rdp to the public IP or the private ip?
3-is there any firewall between rtr and PC?
12-24-2008 04:11 AM
I resolved the issue by excluding the IP address 10.1.20.2 from DHCP. It wasnt working because the PC was getting a dynamic IP. Anyway thanks for the help
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: