Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

hello :)

hello, can any one help me about port forwarding on Cisco router 3845 series. im having difficulties viewing my survallance camera outside i can only view it locally here is my config. btw im using static ip but its pppoe.

enable secret 5 $1$mu1x$CMb95/a0gerL2sKkjX72q0
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.10.0 192.168.10.99
!
ip dhcp pool mypool
   network 192.168.10.0 255.255.255.0
   default-router 192.168.10.2
   dns-server 158.69.254.14 158.69.254.15
!
!
vpdn enable
vpdn ip udp ignore checksum
!
vpdn-group pppoe
request-dialin
  protocol pppoe
!
!
!
!
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
pppoe enable
pppoe-client dial-pool-number 1
!
interface FastEthernet0/1
ip address 192.168.10.2 255.255.255.0
ip nat inside
ip tcp adjust-mss 1452
duplex auto
speed auto
!
interface Dialer1
mtu 1492
ip address 158.69.142.54 255.255.255.0
ip nat outside
encapsulation ppp
dialer pool 1
ppp authentication chap pap callin
ppp chap hostname 270614111
ppp chap password 0 196581111
ppp pap sent-username 27061111 password 0 196581111
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
!
ip http server
ip nat inside source list 1 interface Dialer1 overload
ip nat outside source static tcp 192.168.10.2 8888 158.69.142.54 8888 extendable
!
access-list 1 permit 192.168.10.0 0.0.0.255
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
login

13 REPLIES
Cisco Employee

Re: hello :)

Remove this line:

ip nat outside source static tcp 192.168.10.2 8888 158.69.142.54 8888  extendable

Change it to this line:

ip nat inside source static tcp 192.168.10.2 8888 interface Dialer1 8888  extendable

Hope that helps.

Community Member

Re: hello :)

sir i cant seem to add the extendable command at the last part why is that?

Community Member

Re: hello :)

hello, this is the latest config, the one with the ip address  192.168.10.25 and  port 8888 is my dvr.

Current  configuration : 1600 bytes
!
version 12.4
service timestamps  debug datetime msec
service timestamps log datetime msec
no  service password-encryption
!
hostname CISCO1841
!
boot-start-marker
boot-end-marker
!
enable  secret 5 $1$mu1x$CMb95/a0gerL2sKkjX72q0
!
no aaa new-model
!
resource  policy
!
mmi polling-interval 60
no mmi auto-configure
no  mmi pvc
mmi snmp-timeout 180

ip subnet-zero
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.10.0 192.168.10.99
!
ip dhcp pool mypool
    network 192.168.10.0 255.255.255.0
    default-router 192.168.10.2
    dns-server 158.69.254.14 158.69.254.15
!
vpdn enable
vpdn ip udp ignore checksum
!
vpdn-group pppoe
  request-dialin
   protocol pppoe
!

interface FastEthernet0/0
  no ip address
  duplex auto
  speed auto
  pppoe enable
  pppoe-client dial-pool-number 1
  no cdp enable
!
interface FastEthernet0/1
  ip address 192.168.10.2 255.255.255.0
  ip nat inside
  ip tcp adjust-mss 1452
  duplex auto
  speed auto
  no cdp enable
!
interface Dialer1
  mtu 1492
  ip address 158.69.142.54 255.255.255.0
  ip nat outside
  encapsulation ppp
  dialer pool 1

no cdp enable
  ppp authentication chap pap callin
  ppp chap hostname 27061111
  ppp chap password 0 196581111
  ppp pap sent-username 27061111 password 0 196581111
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
!
ip http server
ip nat inside source list 1 interface Dialer1 overload
ip nat inside source static tcp 192.168.10.25 8888 interface Dialer1  8888
!
access-list 1 permit 192.168.10.0 0.0.0.255
dialer-list 1 protocol ip permit
no cdp run
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4

login
!
end

Community Member

Re: hello :)

do i need to put the acces list for the port forwarding?


access-list 101 permit tcp 192.168.10.25 255.255.255.0 eq 8888 158.69.142.54 255.255.255.0 eq 8888
access-list 101 permit tcp 158.69.142.54 255.255.255.0 eq 8888 192.168.10.25 255.255.255.0 eq 8888

Cisco Employee

Re: hello :)

You don't need the "extendable" keyword, and you also don't need the access-list.

It should already work now. What's the status?

Can you connect to 158.69.142.54 on port 8888?

Community Member

Re: hello :)

umm what do you mean i can connect? 192.168.10.25 is my dvr ip address, 192.168.10.2 is my cisco router and 158.69.142.54 is my ISP address. was thinking is i made a mistake?

Cisco Employee

Re: hello :)

You would like to connect to your dvr from the outside/internet, right? That is why you have configured the port redirection?

Community Member

Re: hello :)

yes, my i would like to view my survaillance camera from my dvr even when im outside the office.

Community Member

Re: hello :)

btw sir one more thing my isp address is static but its a pppoe type, is that a conflict to my config of port forwarding?

Cisco Employee

Re: hello :)

No, there is no conflict. As far as the configuration is concern, you should be able to access port 8888 on the public ip address from the internet, and it will be forwarded to 192.168.10.25

Community Member

Re: hello :)

yes thats was im thinking why it wont work well going to try still

Community Member

Re: hello :)

its working now but only on the HTTP but i can seem to make it work on the DVR software viewer is there any other config for it?

Community Member

Re: hello :)

When I was working in the last company, I had a customer who had a similar problem... After weeks of reviewing configurations, sending him different routers, doing a lot of research, and be called not so nice things, the problem was that camera had to be WELL configured, including the gateway with the router LAN IP address. LOL!

I'm not saying you made any mistake, just made me remember about this.

I also guess that this configuration should work...

357
Views
0
Helpful
13
Replies
CreatePlease to create content