I have Qwest DSL, 5 static IP's, a firewall and a cisco 678 router. I have the firewall configured as one of my 5 static IP's. Im trying to use port forwarding on my firewall to get to other PC's..
Right now, the only sucess that I have is my mail server... No other ports that I have forwarded work. Is there something I'm missing.. I assumed everything going to IP address xxx.xxx.xxx.xxx would be forwarded to my firewall...
I have had another company admin, that also uses the same firewall, check the firewall config and he finds nothing wrong with the firewall.. He says he cannot figure it out and everything should work okay...
I have to assume that the issue is now with the router...
So if I understand this correctly, you have addresses A.B.C.1 through A.B.C.5
(for example). The router's internal address is A.B.C.1 and the firewall is A.B.C.2
Is your router's DSL interface one of the 5 IPs, or does it have a WAN ip address?
Here's my suggestion - set up a private address scheme, say 192.168.1.x on the inside network of your firewall. Set your firewall's internal address to 192.168.1.1/24.
Create a point-to-point network between your router and your firewall. Set your firewall's external address as 10.1.1.1/30 and your router's internal address to 10.1.1.2 /30
Set a route in the router 192.168.1.0/24 to 10.1.1.1. Then use static translations in the router to map your external IP addresses to 192.168.1.0 addresses. Let's say an internal host is your SMTP server. Set it to be 192.168.1.3. Then use the following
ip nat inside source static 192.168.1.3 A.B.C.3
ip nat inside source static 192.168.1.4 A.B.C.4 (if you have another machine)
and turn NAT on at the router
set dsl interface to be "ip nat outside" and ethernet interface to be "ip nat inside"
access-list 7 permit 192.168.1.0 0.0.0.255
ip nat inside source list 7 interface ATM0 overload
Then make sure your firewall allows the protocol connectivity to the inside hosts.
I think the root of your problem is that you are incorrectly distributing your 5 static ips on different logical networks.
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.