Hello all, I am having a problem with my setup that I havent been able to fix, so any help is much appreciated, here is the issue:
I have a 3600 router with 4 fast ethernet interfaces, 2 of them connected to 2 LAN, and the other 2 connected to two different ISP's, I've setup two route maps in order to use isp1's gateway for lan1 and isp2's gateway for lan2, I also have a couple of 1-1 NATting going on and a couple of PAT entries for the servers running in the LANs, the problem is that whenever I want to connect to one of the mail servers on lan2 from a computer on lan1 I get connection refused, I've had similar problems before with other more simplistic hardware, and the problem was due to the lack of loopback routing on this devices, however I have no idea on how to fix this on the Cisco router I believe it can be done but my CCNA knowledge doesnt help me on this one, attached is my config file, thank you very much for your help
Hello all, first of all thank you very much for your help, after installing the new access-lists it seems the problem is 50% solved, now I can access machines in net2 from net1 and vice versa, however, the initial issue is still present, let me explain a bit further:
lets say I own the domain carlosruiz.com, and the server hosting that domain is in net2, I have setup a couple of PAT's for example carlosruiz.com:22 -> net2ip:2222, carlosruiz.com:25 -> net2ip:25 and carlosruiz.com:80 -> net2ip:80 as you can see if I am sitting in a computer in net1 and enter net2ip in my web browser it does work as expected however if I enter carlosruiz.com I get a connection refused as before there are no firewall rules preventing this trafic so the problem still is that anything that comes into the router ISP1 or ISP2 from net1 or net2 gets a connection refused, but pings still work, are the Port Address Translations restriceted in any way? when the traffic comes from the inside?
access-list 1 permit 192.168.57.0 0.0.0.255
access-list 2 permit 192.168.58.0 0.0.0.255
access-list 10 permit 192.168.57.0 0.0.0.255
access-list 20 permit 192.168.58.0 0.0.0.255
access-list 101 deny ip 192.168.57.0 0.0.0.255 192.168.58.0 0.0.0.255
access-list 101 permit ip 192.168.57.0 0.0.0.255 any
access-list 102 deny ip 192.168.58.0 0.0.0.255 192.168.57.0 0.0.0.255
access-list 102 permit ip 192.168.58.0 0.0.0.255 any
access-list 110 deny tcp any 184.108.40.206 0.0.0.15 eq telnet
access-list 110 deny icmp any 220.127.116.11 0.0.0.15 8 0
access-list 110 permit ip any any
access-list 120 deny tcp any 18.104.22.168 0.0.0.15 eq telnet
access-list 120 deny icmp any 22.214.171.124 0.0.0.15 8 0
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.