Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

cisco 871 how to adres a host on the inside

i want to let ip a.a.a.a from the internet do remote desktoppinmg via port b on computer c.c.c.c on the inside.

how do i do that

acces rule ?

nat rule ?

port association aplication ?

13 REPLIES

Re: cisco 871 how to adres a host on the inside

First create a NAT-

ip nat inside source static tcp c.c.c.c 3389 interface Ethernet1 3389

Ethernet1 in this case is the outside interface. Yours maybe different (eg dialer0)

Next create an ACL to allow access to the NAT-

ip access-list extended outside_in

permit tcp host a.a.a.a host {ethernet1 IP] eq 3389

Finally we apply it to the outside interface-

interface Ethernet1

ip access-group outside_in in

Hope that helps.

New Member

Re: cisco 871 how to adres a host on the inside

i dont know but i dont have internet acces after applyin these rules ?

Re: cisco 871 how to adres a host on the inside

Are you running CBAC on the router? Do you already have an ACL on the outside interface?

New Member

Re: cisco 871 how to adres a host on the inside

no cbac no acl

i want to let wan ip a.a.a.a port b from the internet do remote desktoppinmg via port b on computer c.c.c.c on the inside because i want to rdt all my computer on the internal network . so each interanl host has an unique rdt tpc port

on a simple router from alcatel or siemens all this qiute simple

Re: cisco 871 how to adres a host on the inside

Can you post a config?

New Member

Re: cisco 871 how to adres a host on the inside

the config

New Member

Re: cisco 871 how to adres a host on the inside

frased otherwise

i want port aaaa from the wan directed to host bbbb.

New Member

Re: cisco 871 how to adres a host on the inside

i understand the command is to log in from wan

to host cccc with port bbbb

ip nat inside source static tcp cccc bbbb interface FastEthernet4 bbbb

but the logic of cisco fails me.

in sdm i have to fill in translating from adres the host on the inside , but i make the call from outside wan.

the command sentence also speaks of source adres but my logic says the source adres is that of the host that trys to make connection with the inside adres.

what do i miss ?

New Member

Re: cisco 871 how to adres a host on the inside

next problem

i have an public ip adres aaaa , then an adslmodem with inside adres ccc138 the fa4 of the cisco is connected to it with ip cccc01.

can i make acces rules with public ip adresses on the outside lan ccc0 of my cisco router because he sees only the gateway ccc138.

should i pass the public ip adres to my cisco router through the adslmodem to make acces lists on basis of public ip adresses of hosts i want to allow ?

Re: cisco 871 how to adres a host on the inside

A couple of things I noticed right away-

Your default gateway points to your interface, it should point to another IP or out the VLAN 1 interface.

Next you'll need the NAT statement to allow the translation from outside to inside.

ip nat inside source static tcp 10.10.10.5 80 interface vlan1 80

Next create the access list to allow the traffic.

access-list 100 permit tcp any any eq

80

Finally apply the access list to the outside interface (VLAN 1 in your case)

interface vlan 1

ip access-group 100 in

I'm afraid I don't use ASDM so I can't be much help there.

New Member

Re: cisco 871 how to adres a host on the inside

wat rule are you referring to with : my default gateway points to your ionterface it should point to another ip or out ?

Re: cisco 871 how to adres a host on the inside

ip route 0.0.0.0 0.0.0.0 10.10.10.138

10.10.10.138 is also the IP address of VLAN1

It should be something like this-

ip route 0.0.0.0 0.0.0.0 10.10.10.1

or

ip route 0.0.0.0 0.0.0.0 vlan 1

New Member

Re: cisco 871 how to adres a host on the inside

but vlan1 is my internal network

and if i chance it like you mention then i lose internat connection from vlan1

10.10.10.138 is the ip adres of my adsl modem

10.10.10.1 is the ip adres of my cisco external interface

454
Views
0
Helpful
13
Replies
CreatePlease login to create content