Hi ,

At starting you mentioned that you are trying to access 876 remotely..what exactly remote means ..do you have any other router at remote end....

if possible can you explain your setup or any diagram would be helpful...

Thanks,

Satish

NO i dont have other routher, only that one.

im call ISP and they say that no firewall on they side. i think the problem is with 876...

ok.

Im attach results from etheral, but its in pcap format, i have problem with exporting the results to txt.

can you analyse that and post the results?

Hi ,

Can you paste the result instead of uploading it...

Thanks,

Satish

No. Time Source Destination Protocol Info

9 7.146579 192.168.70.55 217.199.130.153 TCP 1332 > telnet [SYN] Seq=0 Len=

Frame 9 (62 bytes on wire, 62 bytes captured)

Ethernet II, Src: CompalCo_64:02:6e (00:16:d4:64:02:6e), Dst: Cisco_6c:d4:9d (00:11:21:6c:d4:9d)

Internet Protocol, Src: 192.168.70.55 (192.168.70.55), Dst: 217.199.130.153 (217.199.130.153)

Transmission Control Protocol, Src Port: 1332 (1332), Dst Port: telnet (23), Seq: 0, Len: 0

No. Time Source Destination Protocol Info

10 10.121002 192.168.70.55 217.199.130.153 TCP 1332 > telnet [SYN] Seq=0 Len=Frame 10 (62 bytes on wire, 62 bytes captured)

Ethernet II, Src: CompalCo_64:02:6e (00:16:d4:64:02:6e), Dst: Cisco_6c:d4:9d (00:11:21:6c:d4:9d)

Internet Protocol, Src: 192.168.70.55 (192.168.70.55), Dst: 217.199.130.153 (217.199.130.153)

Transmission Control Protocol, Src Port: 1332 (1332), Dst Port: telnet (23), Seq: 0, Len: 0

No. Time Source Destination Protocol Info

11 16.156109 192.168.70.55 217.199.130.153 TCP 1332 > telnet [SYN] Seq=0 Len=Frame 11 (62 bytes on wire, 62 bytes captured)

Ethernet II, Src: CompalCo_64:02:6e (00:16:d4:64:02:6e), Dst: Cisco_6c:d4:9d (00:11:21:6c:d4:9d)

Internet Protocol, Src: 192.168.70.55 (192.168.70.55), Dst: 217.199.130.153 (217.199.130.153)

Transmission Control Protocol, Src Port: 1332 (1332), Dst Port: telnet (23), Seq: 0, Len: 0

No. Time Source Destination Protocol Info

12 37.148100 217.199.130.153 192.168.70.55 TCP telnet > 1332 [RST] Seq=0 Len=Frame 12 (60 bytes on wire, 60 bytes captured)

Ethernet II, Src: Cisco_6c:d4:9d (00:11:21:6c:d4:9d), Dst: CompalCo_64:02:6e (00:16:d4:64:02:6e)

Internet Protocol, Src: 217.199.130.153 (217.199.130.153), Dst: 192.168.70.55 (192.168.70.55)

Transmission Control Protocol, Src Port: telnet (23), Dst Port: 1332 (1332), Seq: 0, Len: 0

Hi ,

I guess you are trying from 192.168.70.55 i.e pc ip to telent to 217.199.130.153 i.e vlan2 ip of 876 router.

But main thing is you configured vlan1 as

interface Vlan1

ip address 192.168.0.1 255.255.255.0

ip nat inside

ip virtual-reassembly

In which you can use 192.168.0.2 to 192.168.0.254 as PC's ip addresses.

Change the pc ip as 192.168.0.55 255.255.255.0 and gateway as 192.168.0.1 & check the issue.

Note : Remove nat on vlan1 and vlan2 fr checking purpose....

Thanks,

Satish

Satish,

Im trying telnet from remote host and ip 192.168.70.55 is addres of my pc, remote host.

I can telnet from 192.168.0.0 network to router, but from outside cant.

Hi,

Hi ,

I guess you are trying from 192.168.70.55 i.e pc ip to telent to 217.199.130.153 i.e vlan2 ip of 876 router.

But main thing is you configured vlan1 as

interface Vlan1

ip address 192.168.0.1 255.255.255.0

ip nat inside

ip virtual-reassembly

In which you can use 192.168.0.2 to 192.168.0.254 as PC's ip addresses.

Change the pc ip as 192.168.0.55 255.255.255.0 and gateway as 192.168.0.1 & check the issue.

Thanks,

Satish

ping respons:

Pinging 217.199.130.153 with 32 bytes of data:

Reply from 217.199.130.153: bytes=32 time=186ms TTL=249

Reply from 217.199.130.153: bytes=32 time=149ms TTL=249

Reply from 217.199.130.153: bytes=32 time=127ms TTL=249

Reply from 217.199.130.153: bytes=32 time=79ms TTL=249

Ping statistics for 217.199.130.153:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 79ms, Maximum = 186ms, Average = 135ms

Hi amar,

Your ethereal dump indicates to me

that the router recieved your telnet packet (maybe not all) and actively sent a reset back.

The source IP address of your telnet attempts is a private 192.168 address. Why is this? Where are you telnetting from? A remote LAN? If so, you have another NAT and possibly a firewall device infront of your remote LAN. Have you checked this device for any filtering, NAT issues?

This device mayb the culprit!!!

Yes, its remote LAN and have NAT and firewall. But from everywhere I attempt telnet to 217.199.130.153, from home, from friend, etc. I cant telnet to 876. Its the same problem.

This crazy me.

Dont worry, we will get this sorted out..Or ill bcome crazy as well!!!

Anyway, there are 3 more things to be done

a) Did you run the debug ip packet??

pls do that and post the output (remember do the following

int vlan 2

no ip route-cache

int vlan 1

no ip route-cache

logging console

logging buffered

exit

term mon

b)Check your remote end firewall logs. Or run ethereal from a computer that does a dialup to the internet(and hence recieves a public IP).

What I want to check here is that your router doesnt reply back with a different IP address than 217.199.130.153

c) Thirdly, if none of these gives us a clue, we could be looking at a corrupted image. Install a new image and try the telnet again..

let me know how it goes...

Ok. Im not now in position to run debug, i cant contact my client, have some meeting or...... I can run ethereal from my pc and try to get some infos that can be usefull to you.

I earlyer post some log from ethereal. did yo see it.

When I have contact with my client we will do the first step (a) and i will post debug output.