Help with Port Forwarding/Firewall/ACL

Unanswered Question
Jul 5th, 2010


We have a Cisco 871W router, and we are using the Cisco Configuration Professional.  Also, I don't know the command lines yet, so I need to do everything through the GUI of the CCP.

I have opened port 3389 for RDP, which works perfect from outside our network, but how to I add a rule so that I can RDP from within my network, but using the external IP?

Right now, I have two RDP shortcuts (one with the Internal IP address, and one with the external IP address), but I would like to use just one (the external IP address).

Thanks in advance,


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Federico Coto F... Mon, 07/05/2010 - 19:53


With the normal NAT rules, from the inside you can only access the real (un-NATed IP).

The external or NATed IP can only be accessed from outside.

You can try creating a NAT rule to translate the external IP to itself when coming from the inside (but router's are not much good on NATing).

We can try to help you out via the CLI if you attach a copy of the relevant configuration.


Federico Coto F... Tue, 07/06/2010 - 13:23


Not with me :-)  (I'm not familiar with the GUI at all and don't have access to it).

But I can help you via CLI if you want.


chaitram Wed, 07/07/2010 - 01:50

Hi Bradly,

   You could you CCP to configure NAT on the router. Launch Configure -> Router -> NAT. You could use the Wizard or the Edit Tab to configure NAT using CCP.

Can you attach the running config on your router so that we could assist you with the config via the GUI.



chaitram Tue, 07/13/2010 - 02:45


   Have you been able to configure NAT using CCP? I see that you have configured NAT on the Router. Could you pls let us know if you still need assitance configuring NAT using CCP?


bradlynaultirs Tue, 07/13/2010 - 08:26

Hi, yes, I have configured NAT, but I don't know how to configure it for accessing the external IP address from within the internal network.

For example

RDP, on port 3389:  I can access the Server through 192.168.1.###, but not through [External IP Address].  Because of this, I need 2 RDP connections:  one when I'm within the internal network, and one when i'm outside.  I would like to just have one (the External IP).




This Discussion