Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
715
Views
0
Helpful
3
Replies

DMZ/Forwarding Cisco 3745

jwood1650
Level 1
Level 1

‎03-03-2012 11:26 AM - edited ‎03-04-2019 03:32 PM

I have a Cisco 3745 that is my internet router, I have a domain that directs the web address to the WAN IP address...Can I set up my 3745 to forward incoming connections to my server?  If so, what commands to I need to issue?

Thanks.

Labels:
0 Helpful
3 Replies 3

jwood1650
Level 1
Level 1

‎03-03-2012 11:28 AM

Sorry....forgot to add the running config:

3745-Internet#show run

Building configuration...

Current configuration : 2292 bytes

!

version 12.4

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname 3745-Internet

!

boot-start-marker

boot system flash:

boot-end-marker

!

no logging buffered

!

aaa new-model

!

!

aaa authentication login default local

aaa authorization exec default local

!

!

aaa session-id common

memory-size iomem 25

ip cef

!

!

no ip dhcp use vrf connected

ip dhcp excluded-address 192.168.2.1 192.168.2.150

!

ip dhcp pool HOME-Network

   network 192.168.2.0 255.255.255.0

   default-router 192.168.2.1

   dns-server 8.8.8.8 8.8.4.4 192.168.2.127 192.168.2.128

!

!

ip domain name www.jkkcc.com

ip name-server 192.168.2.127

!

multilink bundle-name authenticated

parameter-map type regex sdm-regex-nonascii

pattern [^\x00-\x80]

!

!

!

!

!

!

!

username woodjl1650 privilege 15 password 0 henry999

archive

log config

  hidekeys

!

!

!

!

!

interface FastEthernet0/0

description $FW_OUTSIDE$

ip address dhcp

ip nat outside

ip virtual-reassembly

ip route-cache flow

duplex auto

speed auto

!

interface Serial0/0

description $FW_INSIDE$

ip address 10.0.1.9 255.255.255.252

ip nat inside

ip virtual-reassembly

!

interface FastEthernet0/1

description $FW_INSIDE$

ip address 192.168.2.1 255.255.255.0

ip nat inside

ip virtual-reassembly

ip route-cache flow

duplex auto

speed auto

!

interface Serial0/1

description $FW_INSIDE$

ip address 10.0.1.5 255.255.255.252

ip nat inside

ip virtual-reassembly

clock rate 2000000

!

router eigrp 1

network 10.0.0.0

network 192.168.0.0

network 192.168.2.0

no auto-summary

!

!

!

ip http server

ip http authentication local

no ip http secure-server

ip nat inside source list 15 interface FastEthernet0/0 overload

ip nat inside source static tcp 192.168.2.128 80 interface FastEthernet0/0 80

ip nat inside source static tcp 192.168.2.128 25 interface FastEthernet0/0 25

!

access-list 15 permit 192.168.2.0 0.0.0.255

access-list 15 permit 192.168.3.0 0.0.0.255

access-list 15 permit 10.0.1.4 0.0.0.3

access-list 15 permit 10.0.1.8 0.0.0.3

access-list 15 permit 192.168.1.0 0.0.0.255

snmp-server community public RO

snmp-server community private RW

snmp-server enable traps tty

!

!

!

!

control-plane

!

!

line con 0

line aux 0

line vty 0 4

privilege level 15

transport input telnet

!

!

webvpn cef

!

end

3745-Internet#

0 Helpful

cadet alain
VIP Alumni
VIP Alumni
In response to jwood1650

‎03-03-2012 12:03 PM

Hi,

no ip nat inside source static tcp 192.168.2.128 80 interface FastEthernet0/0 80

ip nat inside source static tcp 192.168.2.128 80 interface FastEthernet0/0 8100

or you can leave the original command but disable http server on router or you can also configure server to listen on a different port and do a static PAT to this port.

Regards.

Alain

Don't forget to rate helpful posts.
0 Helpful

jwood1650
Level 1
Level 1
In response to cadet alain

‎03-03-2012 03:51 PM

I did the first option you provided and I still get the SDM login for the router....so I did the no ip http server, and tried again to got page error...I should get routed to my server 192.168.2.128 correct?

Here is my current config:

version 12.4

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname 3745-Internet

!

boot-start-marker

boot system flash:

boot-end-marker

!

no logging buffered

!

aaa new-model

!

!

aaa authentication login default local

aaa authorization exec default local

!

!

aaa session-id common

memory-size iomem 25

ip cef

!

!

no ip dhcp use vrf connected

ip dhcp excluded-address 192.168.2.1 192.168.2.150

!

ip dhcp pool HOME-Network

   network 192.168.2.0 255.255.255.0

   default-router 192.168.2.1

   dns-server 8.8.8.8 8.8.4.4 192.168.2.127 192.168.2.128

!

!

ip domain name www.jkkcc.com

ip name-server 192.168.2.127

!

multilink bundle-name authenticated

parameter-map type regex sdm-regex-nonascii

pattern [^\x00-\x80]

!

!

!

!

!

!

!

username woodjl1650 privilege 15 password 0 henry999

archive

log config

  hidekeys

!

!

!

!

!

interface FastEthernet0/0

description $FW_OUTSIDE$

ip address dhcp

ip nat outside

ip virtual-reassembly

ip route-cache flow

duplex auto

speed auto

!

interface Serial0/0

description $FW_INSIDE$

ip address 10.0.1.9 255.255.255.252

ip nat inside

ip virtual-reassembly

!

interface FastEthernet0/1

description $FW_INSIDE$

ip address 192.168.2.1 255.255.255.0

ip nat inside

ip virtual-reassembly

ip route-cache flow

duplex auto

speed auto

!

interface Serial0/1

description $FW_INSIDE$

ip address 10.0.1.5 255.255.255.252

ip nat inside

ip virtual-reassembly

clock rate 2000000

!

router eigrp 1

network 10.0.0.0

network 192.168.0.0

network 192.168.2.0

no auto-summary

!

!

!

no ip http server

ip http authentication local

no ip http secure-server

ip nat inside source list 15 interface FastEthernet0/0 overload

ip nat inside source static tcp 192.168.2.128 25 interface FastEthernet0/0 25

ip nat inside source static tcp 192.168.2.128 80 interface FastEthernet0/0 8100

!

access-list 15 permit 192.168.2.0 0.0.0.255

access-list 15 permit 192.168.3.0 0.0.0.255

access-list 15 permit 10.0.1.4 0.0.0.3

access-list 15 permit 10.0.1.8 0.0.0.3

access-list 15 permit 192.168.1.0 0.0.0.255

snmp-server community public RO

snmp-server community private RW

snmp-server enable traps tty

!

!

!

!

control-plane

!

!

line con 0

line aux 0

line vty 0 4

privilege level 15

transport input telnet

!

!

webvpn cef

!

end

3745-Internet#

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card