Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Cisco 877W-M port forward

Hi Guys,

I need some help opening ports on my cisco 877w-m
the ports i am trying to open to internal ip 192.168.0.80 are 37777 and 37778 udp and tcp
I have added the following

ip nat inside source static tcp 192.168.0.80 37778 interface Dialer0 37778
ip nat inside source static udp 192.168.0.80 37778 interface Dialer0 37778
ip nat inside source static tcp 192.168.0.80 37777 interface Dialer0 37777
ip nat inside source static udp 192.168.0.80 37777 interface Dialer0 37777

and also added multiple access-list entries.

Router config below.

.
.

.
.

.
.

.
.

Building configuration...

Current configuration : 7615 bytes
!

version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!

hostname xxxxx
!

boot-start-marker
boot-end-marker
!

enable secret 5 --
!

no aaa new-model
clock timezone Perth 8
!

crypto pki trustpoint ---
enrollment selfsigned
subject-name ---
revocation-check none
rsakeypair ---
!

!
crypto pki certificate chain TP-self-signed-4101745041
certificate self-signed 01
30820252 308201BB A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 34313031 37343530 3431301E 170D3032 30333031 30303337
31345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D34 31303137
34353034 3130819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
81009FAF F082573A 41F1A7D2 F9BD8FAC EE8418AF 697B917A 35059F44 3547FCD4
FD954D1B 7018D4C8 CAAC5839 FDD3C77E 1022069F B685C6DD 07B3A713 81AFF8E8
39C0B3E1 E935CECB 1538959E 2A5BD6F0 B294868B 13665EB6 1552A531 A603F5D3
40B59B9A CAAA4256 01838E64 AC46F305 8AFDFC68 3DAA7928 529604F3 02561E73
7AEB0203 010001A3 7A307830 0F060355 1D130101 FF040530 030101FF 30250603
551D1104 1E301C82 1A504552 2D53542D 47572D30 312E7377 616E746F 772E6C6F
63616C30 1F060355 1D230418 30168014 1F6D8BC8 2B11B5C8 D8FA3919 D947DF95
AC9B05AE 301D0603 551D0E04 1604141F 6D8BC82B 11B5C8D8 FA3919D9 47DF95AC
9B05AE30 0D06092A 864886F7 0D010104 05000381 81002793 CC921886 52B2E135
E3C1E5AE E3DE6044 C33A672F B8CAA6A0 BBED47C5 7C947DDF FDB9C713 73CF8C92
110AE14D 731196C7 940015B8 4D24CD14 924E6067 2E5C4353 50331504 D34474DB
C293D059 9D5BBBD5 55E27B41 5C900E11 F04AC828 9F78667F 46A0F3F3 B1D0F943
2F24B303 FD12DA64 E2186A14 50143F53 8AF75230 A80A
quit
dot11 syslog
!

dot11 ssid PER-ST-AP-01
vlan 1
authentication open
authentication key-management wpa
guest-mode
wpa-psk ascii 0 $---$
!

no ip source-route
ip cef
!

!
ip inspect name LAN-WAN tcp
ip inspect name LAN-WAN udp
no ip bootp server
no ip domain lookup
ip domain name swantow.local
ip name-server 4.2.2.2
ip name-server ---
!

!
!

!
no spanning-tree vlan 1
username --- privilege 15 password 0 ---
!

!
archive
log config
hidekeys
!

!
ip ssh authentication-retries 2
ip ssh version 2
!

bridge irb
!

!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
!

interface ATM0.1 point-to-point
description *** --- ***$ES_WAN$
pvc 8/35
pppoe-client dial-pool-number 1
!
!

interface FastEthernet0
!

interface FastEthernet1
!

interface FastEthernet2
!

interface FastEthernet3
!

interface Dot11Radio0
no ip address
!
encryption vlan 1 mode ciphers aes-ccm
!
ssid PER-ST-AP-01
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
!

interface Dot11Radio0.1
description *** Wireless AP ***
encapsulation dot1Q 1 native
no cdp enable
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!

interface Vlan1
description *** LAN Interface ***
no ip address
ip virtual-reassembly
no ip route-cache cef
bridge-group 1
!

interface Dialer0
description *** WAN Interface ***
ip address negotiated
ip access-group WAN-LAN in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname ---
ppp chap password 0 ---
ppp pap sent-username --- password 0 ---
!

interface BVI1
ip address 192.168.0.254 255.255.255.0
ip access-group LAN-WAN in
ip inspect LAN-WAN in
ip nat inside
ip virtual-reassembly
!

ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
!

ip http server
ip http authentication local
ip http secure-server
ip nat inside source list NAT_ADDRESSES interface Dialer0 overload
ip nat inside source static tcp 192.168.0.2 443 interface Dialer0 443
ip nat inside source static tcp 192.168.0.2 3389 interface Dialer0 3389
ip nat inside source static tcp 192.168.0.2 110 interface Dialer0 110
ip nat inside source static tcp 192.168.0.2 1723 interface Dialer0 1723
ip nat inside source static tcp 192.168.0.2 4125 interface Dialer0 4125
ip nat inside source static udp 192.168.0.2 4240 interface Dialer0 4240
ip nat inside source static tcp 192.168.0.3 443 interface Dialer0 444
ip nat inside source static tcp 192.168.0.2 25 interface Dialer0 25
ip nat inside source static tcp 192.168.0.80 8080 interface Dialer0 8080
ip nat inside source static tcp 192.168.0.2 80 interface Dialer0 80
ip nat inside source static tcp 192.168.0.80 37778 interface Dialer0 37778
ip nat inside source static udp 192.168.0.80 37778 interface Dialer0 37778
ip nat inside source static udp 192.168.0.80 8080 interface Dialer0 8080
ip nat inside source static tcp 192.168.0.80 37777 interface Dialer0 37777
ip nat inside source static udp 192.168.0.80 37777 interface Dialer0 37777
!

ip access-list extended LAN-WAN
permit tcp host 192.168.0.2 any eq smtp
deny   tcp any any eq smtp
permit ip any any
permit icmp any any
permit tcp any any established
deny   ip any any log
permit tcp host 192.168.0.80 any eq 37777
permit tcp host 192.168.0.80 any eq 37778
permit udp host 192.168.0.80 any eq 37778
permit udp host 192.168.0.80 any eq 37777
ip access-list extended NAT_ADDRESSES
permit ip 192.168.0.0 0.0.0.255 any
ip access-list extended WAN-LAN
permit tcp any any eq 8080
permit udp any any eq 37777
permit tcp any any eq 37778
permit udp any any eq 37778
permit tcp any any eq 37777
permit udp any any eq 8080
remark *** Permit OIA access ***
permit tcp host ---- any
permit tcp host ---- any
remark *** Permit Remote Web Workplace ***
permit tcp any any eq 4125
remark *** Permit VPN Connections ***
permit gre any any
permit tcp any any eq 1723
permit udp any any eq non500-isakmp
permit esp any any
permit udp any any eq isakmp
remark *** Permit Email ***
permit tcp any any eq smtp
remark *** Permit WWW ***
permit tcp any any eq 443
permit tcp any any eq www
remark *** Permit POP3
permit tcp any any eq pop3
remark *** Permit NTP ***
permit udp any eq ntp any eq ntp
remark *** Permit ICMP ***
permit icmp any any
remark *** LinkSoft ***
permit udp any any eq 4240
remark *** Permit iLO ***
permit tcp any any eq 444
permit tcp host 192.168.0.2 any eq smtp
permit tcp host 192.168.0.80 any eq 37777
permit tcp host 192.168.0.80 any eq 37778
permit tcp any host 192.168.0.80 eq 37777
permit udp any host 192.168.0.80 eq 37777
permit udp any host 192.168.0.80 eq 37778
permit tcp any host 192.168.0.80 eq 37778
ip access-list extended WAN-LANAN
ip access-list extended WAn-LAN
ip access-list extended lan-wan
permit tcp host 192.168.0.80 any eq 37777
permit udp host 192.168.0.80 any eq 37777
permit tcp host 192.168.0.80 any eq 37778
permit udp host 192.168.0.80 any eq 37778
!

dialer-list 1 protocol ip permit
no cdp run
!

!
!

control-plane
!

bridge 1 protocol ieee
bridge 1 route ip
!

line con 0
exec-timeout 15 0
login local
no modem enable
line aux 0
line vty 0 4
exec-timeout 15 0
login local
transport input ssh
!

scheduler max-task-time 5000
sntp server ----
end

195
Views
0
Helpful
0
Replies
CreatePlease to create content