04-17-2007 08:25 AM - edited 03-05-2019 03:30 PM
Hi there,
I'm having issues configuring a Cisco 800 series router.
basically I have followed many guids on adding the port forwards both telnet session and via SDM
I have added the line
ip nat inside source static tcp 192.168.1.3 3389 interface dialer0 3389
Which should do the job of forwarding port 3389 from the interface dialer0 to port 3389 on the SBSERVER (192.168.1.3)
I have gone thought the firewall configuration wizard also but that fails when getting ot the stage of applying the config (usually fails withing first command or 2!)
Here is my current configuration without the line above which is not responding to ping or doing any port forwards.
(EDITED OUT USER AND PASS for ADSL)
ROUTER CONFIGURATION
can be found here
http://www.ukchat.ws/stuff/SDMConfig.txt
Kind Regards
Liam Wheldon
04-18-2007 03:20 AM
well,
You have a static nat statement (ip nat inside source static 192.168.0.2 85.189.10.2)
I dont see an int with this inside ip 192.168.0.2 as a result the ip nat inside soucrce static tcp 192.168.1.3 will be over ridded by the previous command and would never work this might explain why all access to public ip from outside fails as translation to inside ip is not valid try sh ip nat translations and sh ip nat statistics to very pls.
04-18-2007 05:12 AM
Hi Thanks for your reply, I've resolved this issue by resetting the router loading a bare minimal config and then creating the routes and configuring the firwall.
Didnt notice the IP that you pointed out in the config when i looke though, thanks alot.
Is there a way to forward 1723 VPN port to the server? i have done so and get verifying username and password but then get error 721 it's like the server is unable to communicate back to my client to verify.
Regards
Liam
04-18-2007 07:10 AM
Well,
Thats good that the nat is working as for vpn have you allowed gre traffic (ip 47) through the router as well as pptp something like (access-list 101 permit gre any any)for gre.
Also not sure if problem could be related to nat config as i have seen a few problems listing pptp passthrough with 800 series concerning 12.4 and various nat problems if i remember the pix (6.3) cannot do pptp pass through if outside int is running ppoe and nat overload.
04-18-2007 07:45 AM
That's great mate, i added that but no joy but then added via the SDM and working great now :)
Thanks so much for all your help
After a total of 7 hours infront of a cisco does that make me qualified? lol
I understand the working of them now so am happy.
Regards
Liam
04-18-2007 12:10 PM
well,
Thats good news best if you will be using cisco gear again on a regular basis would be to "buy" from e-bay a 1601 router and 2900 switch and build your own lab but stay away from sdm ,pdm config maker etc as you wont get familiar with the cli this way .
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: