cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
424
Views
0
Helpful
12
Replies

Cannot telnet between machines behind cisco 1811

IM-Design
Level 1
Level 1

I have 2 separate exchange servers for 2 separate exchange organizations on

the same private network.

-One has an ip of 192.168.0.2

-Two has an ip of 192.168.0.3

The network is protected by a 1811 router/firewall and each server has their own

public IP.

I can telnet between these machines usign their private ips, but not using their public ips?

Here is the show run (attached):

Thanks for your help

12 Replies 12

pkhatri
Level 11
Level 11

HI,

That is not possible with the way NAT works. I'm afraid you have no option but to try the telnet from a host on the Internet or just use their private IPs.

Hope that helps - pls rate the post if it does.

Paresh

Do you want to enable smtp exchange between the two Servers using their public IP or you expect telnet between the two servers to work using their public IP?

I believe, there's a way this task be accomplished.

Shall post the config after your response is received.

--Sundar

Hi Sundar,

Do you know of a way to be able to telnet between the machines using their NATed public addresses ? If so, I'd be interested to see how this could be done.

Much appreciated.

Paresh

No problem.

Here it is.

I don't have access to equipment to test at this time. I am just typing it in. Excuse me if there's problems with my syntax as it's 11:40pm over here in US and I am about to call it quit for the day.

int lo0

ip add x.x.x.x y.y.y.y

int vlan1

ip policy route-map test

route-map test permit 10

match ip address 150

set int lo0

route-map test permit 15

match ip address 151

set int lo0

access-list 150 permit tcp host x.y.z.230 host x.y.z.231 eq smtp

access-list 151 permit tcp host x.y.z.231 host x.y.z.230 eq smtp

Let me know if you had any questions.

HTH,

Sundar

I want to enable smtp exchange between the 2 servers. Does the sample you show below apply in this case?

Charlie

Yes.

A small correction to the above:

int lo0

ip address x.x.x.x y.y.y.y

ip nat outside

Let me know if it helped.

--Sundar

Hi,

Im new to IOS, so I am not following your lead here. Would it be possible for you to modify the originally posted file, so I can follow your advice without making any unintended errors?

Thanks

Just add/apply the following configuration to your existing setup. Substitute the x/y/z with ip addresses.

int lo0

ip add x.x.x.x y.y.y.y

ip nat outside

int vlan1

ip policy route-map test

route-map test permit 10

match ip address 150

set int lo0

route-map test permit 15

match ip address 151

set int lo0

access-list 150 permit tcp host x.y.z.230 host x.y.z.231 eq smtp

access-list 151 permit tcp host x.y.z.231 host x.y.z.230 eq smtp

Let me know if you have any doubts.

--Sundar

Hi, thanks for the reply

-For the lines:

int lo0

ip add x.x.x.x y.y.y.y

ip nat outside

What ip address & mask should I use (public, or private-192.168.0.253, or something like 127.0.0.1). I would prefer to not use a public.

You could use a private IP address on your loopback.

Let us know how you did with it.

Pls. rate all helfpul posts.

HTH,

Sundar

Hi,

No joy.

I tried the 127.0.0.1 address, but it was disallowed, as was an address on the 192.168.0.x network. So I chose a 10.1.20.x address, which was successfully set on lo0.

Nonetheless, I am still unable to telnet between the public addresses for these 2 machines.

Any ideas?

TIA

Charlie

Post the config that you have in there now.

--Sundar

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: