Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cannot telnet between machines behind cisco 1811

I have 2 separate exchange servers for 2 separate exchange organizations on

the same private network.

-One has an ip of 192.168.0.2

-Two has an ip of 192.168.0.3

The network is protected by a 1811 router/firewall and each server has their own

public IP.

I can telnet between these machines usign their private ips, but not using their public ips?

Here is the show run (attached):

Thanks for your help

12 REPLIES
Purple

Re: Cannot telnet between machines behind cisco 1811

HI,

That is not possible with the way NAT works. I'm afraid you have no option but to try the telnet from a host on the Internet or just use their private IPs.

Hope that helps - pls rate the post if it does.

Paresh

Re: Cannot telnet between machines behind cisco 1811

Do you want to enable smtp exchange between the two Servers using their public IP or you expect telnet between the two servers to work using their public IP?

I believe, there's a way this task be accomplished.

Shall post the config after your response is received.

--Sundar

Purple

Re: Cannot telnet between machines behind cisco 1811

Hi Sundar,

Do you know of a way to be able to telnet between the machines using their NATed public addresses ? If so, I'd be interested to see how this could be done.

Much appreciated.

Paresh

Re: Cannot telnet between machines behind cisco 1811

No problem.

Here it is.

I don't have access to equipment to test at this time. I am just typing it in. Excuse me if there's problems with my syntax as it's 11:40pm over here in US and I am about to call it quit for the day.

int lo0

ip add x.x.x.x y.y.y.y

int vlan1

ip policy route-map test

route-map test permit 10

match ip address 150

set int lo0

route-map test permit 15

match ip address 151

set int lo0

access-list 150 permit tcp host x.y.z.230 host x.y.z.231 eq smtp

access-list 151 permit tcp host x.y.z.231 host x.y.z.230 eq smtp

Let me know if you had any questions.

HTH,

Sundar

New Member

Re: Cannot telnet between machines behind cisco 1811

I want to enable smtp exchange between the 2 servers. Does the sample you show below apply in this case?

Charlie

Re: Cannot telnet between machines behind cisco 1811

Yes.

A small correction to the above:

int lo0

ip address x.x.x.x y.y.y.y

ip nat outside

Let me know if it helped.

--Sundar

New Member

Re: Cannot telnet between machines behind cisco 1811

Hi,

Im new to IOS, so I am not following your lead here. Would it be possible for you to modify the originally posted file, so I can follow your advice without making any unintended errors?

Thanks

Re: Cannot telnet between machines behind cisco 1811

Just add/apply the following configuration to your existing setup. Substitute the x/y/z with ip addresses.

int lo0

ip add x.x.x.x y.y.y.y

ip nat outside

int vlan1

ip policy route-map test

route-map test permit 10

match ip address 150

set int lo0

route-map test permit 15

match ip address 151

set int lo0

access-list 150 permit tcp host x.y.z.230 host x.y.z.231 eq smtp

access-list 151 permit tcp host x.y.z.231 host x.y.z.230 eq smtp

Let me know if you have any doubts.

--Sundar

New Member

Re: Cannot telnet between machines behind cisco 1811

Hi, thanks for the reply

-For the lines:

int lo0

ip add x.x.x.x y.y.y.y

ip nat outside

What ip address & mask should I use (public, or private-192.168.0.253, or something like 127.0.0.1). I would prefer to not use a public.

Re: Cannot telnet between machines behind cisco 1811

You could use a private IP address on your loopback.

Let us know how you did with it.

Pls. rate all helfpul posts.

HTH,

Sundar

New Member

Re: Cannot telnet between machines behind cisco 1811

Hi,

No joy.

I tried the 127.0.0.1 address, but it was disallowed, as was an address on the 192.168.0.x network. So I chose a 10.1.20.x address, which was successfully set on lo0.

Nonetheless, I am still unable to telnet between the public addresses for these 2 machines.

Any ideas?

TIA

Charlie

Re: Cannot telnet between machines behind cisco 1811

Post the config that you have in there now.

--Sundar

159
Views
0
Helpful
12
Replies