×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Problem with a DMZ for a web server

Unanswered Question
Mar 28th, 2012
User Badges:

Good evening,  I have some issue on the configuration of a Cisco 2811. I try to make a DMZ on one of the ports of the router but I can not get it from outside .I configured as follows


For int fa0/1 > DMZ


interface FastEthernet0/1

ip address 192.168.3.1 255.255.255.192

ip access-group 100 in

ip access-group 100 out

ip nat inside

ip virtual-reassembly in

duplex auto

speed auto


For Dialer0


interface Dialer0

ip ddns update hostname removed.dyndns.org

ip ddns update sdm_ddns1

ip address negotiated

ip nat outside

ip virtual-reassembly in

encapsulation ppp

dialer pool 1

dialer-group 1

ppp authentication chap pap callin

ppp chap hostname removed

ppp chap password 0 removed

ppp pap sent-username removed password 0 removed

no cdp enable


For the NAT translation


ip nat inside source static tcp 192.168.3.2 80 interface Dialer0 80

ip nat inside source static udp 192.168.3.2 80 interface Dialer0 80

ip nat inside source list 100 interface Dialer0 overload


For the acl


access-list 100 remark GVI

access-list 100 permit ip 0.0.0.2 255.255.255.192 any

access-list 100 permit tcp 0.0.0.2 255.255.255.192 any

access-list 100 permit udp 0.0.0.2 255.255.255.192 any

access-list 100 permit tcp any any eq www


Ip http server is off . With a port scan on wan interface ,the port seems open. Where am I doing wrong?Can someone help me?thanks in advance

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion