Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
231
Views
0
Helpful
1
Replies

i want open the ports and allow the telnet port also

madudhulamahesh
Level 1
Level 1

‎05-02-2014 10:33 PM - edited ‎03-07-2019 07:19 PM

Dear sir 

dis is my router configurations

 

 

router#show running-config
Building configuration...

Current configuration : 1588 bytes
!
! Last configuration change at 06:58:58 UTC Tue Apr 8 2014
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname INFOVEE
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
ip cef
!
!
!
!
!
!
ip name-server 182.xx.xx.xx
ip name-server 182.xx.xx.xx
no ipv6 cef
multilink bundle-name authenticated
!
!
!
license udi pid CISCO1941/K9 sn FGL172820EP
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
 no ip address
 shutdown
!
interface GigabitEthernet0/0
 ip address 10.0.0.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface GigabitEthernet0/1
 ip address 103.xx.xx.xx 255.255.xx.xx
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat inside source static 10.0.0.10 103.xx.xx.xx
ip nat inside source static 10.0.0.11 103.xx.xx.xx
ip nat inside source static 10.0.0.12 103.xx.xx.xx
ip nat inside source static 10.0.0.14 103.xx.xx.xx
ip nat inside source static 10.0.0.15103.xx.xx.xx
ip nat inside source static 10.0.0.16 103.xx.xx.xx
ip nat inside source static 10.0.0.9  103.xx.xx.xx
ip route 0.0.0.0 0.0.0.0 103.xx.xx.xx
!
!
!
!
control-plane
!
!
!
line con 0
 password 12345
 login
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport input all
 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
 stopbits 1
line vty 0 4
 password 1235
 login
 transport input all
!
scheduler allocate 20000 1000
!
end

 

we have server  only .. we want allow particular ports allow to my server how to open the ports in router please help me ... if any configuration mistakes please  help me ....

 

 

Thank you 

 

 

 

 

 

Labels:
0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎05-03-2014 05:51 AM

I'd advise you to download and use Cisco Configuration Professional (CCP) if you want to secure your router and setup some access-lists for your servers.

Right now your setup is very insecure (no authentication beyond a simple plain text password on  the vty lines). CCP has a security audit feature that will remedy that and other issues.

For your servers, you will need an extended access-list applied to your outside interface Gi0/1 restricting access to the NATted server addresses on the ports you want to allow.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card