cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
784
Views
0
Helpful
5
Replies

Cisco 857 Unable to forward ports to server

shocker-z
Level 1
Level 1

Hi there,

I'm having issues configuring a Cisco 800 series router.

basically I have followed many guids on adding the port forwards both telnet session and via SDM

I have added the line

ip nat inside source static tcp 192.168.1.3 3389 interface dialer0 3389

Which should do the job of forwarding port 3389 from the interface dialer0 to port 3389 on the SBSERVER (192.168.1.3)

I have gone thought the firewall configuration wizard also but that fails when getting ot the stage of applying the config (usually fails withing first command or 2!)

Here is my current configuration without the line above which is not responding to ping or doing any port forwards.

(EDITED OUT USER AND PASS for ADSL)

ROUTER CONFIGURATION

can be found here

http://www.ukchat.ws/stuff/SDMConfig.txt

Kind Regards

Liam Wheldon

5 Replies 5

leanne489
Level 1
Level 1

well,

You have a static nat statement (ip nat inside source static 192.168.0.2 85.189.10.2)

I dont see an int with this inside ip 192.168.0.2 as a result the ip nat inside soucrce static tcp 192.168.1.3 will be over ridded by the previous command and would never work this might explain why all access to public ip from outside fails as translation to inside ip is not valid try sh ip nat translations and sh ip nat statistics to very pls.

Hi Thanks for your reply, I've resolved this issue by resetting the router loading a bare minimal config and then creating the routes and configuring the firwall.

Didnt notice the IP that you pointed out in the config when i looke though, thanks alot.

Is there a way to forward 1723 VPN port to the server? i have done so and get verifying username and password but then get error 721 it's like the server is unable to communicate back to my client to verify.

Regards

Liam

Well,

Thats good that the nat is working as for vpn have you allowed gre traffic (ip 47) through the router as well as pptp something like (access-list 101 permit gre any any)for gre.

Also not sure if problem could be related to nat config as i have seen a few problems listing pptp passthrough with 800 series concerning 12.4 and various nat problems if i remember the pix (6.3) cannot do pptp pass through if outside int is running ppoe and nat overload.

That's great mate, i added that but no joy but then added via the SDM and working great now :)

Thanks so much for all your help

After a total of 7 hours infront of a cisco does that make me qualified? lol

I understand the working of them now so am happy.

Regards

Liam

well,

Thats good news best if you will be using cisco gear again on a regular basis would be to "buy" from e-bay a 1601 router and 2900 switch and build your own lab but stay away from sdm ,pdm config maker etc as you wont get familiar with the cli this way .

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: