Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Newbie help with Cisco 1711 ACLs and PAT

Reply
Thread Tools

Newbie help with Cisco 1711 ACLs and PAT

 
 
Cakeholes
Guest
Posts: n/a
 
      01-12-2005
Hello, please bare with me as I am very new to Cisco....we recently set up a
business ADSL package at our office using a Cisco 1711 router as
reccommended by our ISP. The router has a WIC 4ESW card which I assume is
bascially a 4 port switch.

We were given 5 static IPs from our ISP and we have the following basic
setup:

FastEthernet0 is connected to the ADSL modem and is given a static IP
provided by the ISP (not one of our 5). There is a static route to the next
hop.

FastEthernet1 is connected to our LAN which uses a Class C subnet
(192.168.0.xxx). No IP is assigned this interface.

FastEthernet2, 3 & 4 are unused at this point

Vlan1 is configured as 192.168.0.254 255.255.255.0 and acts as our internal
networks gateway.

We have used the SDM wizard to configure the basic firewall which created
ACLs. The ISP setup a NAT pool using one of our 5 IPs and set up dynamic NAT
from our Vlan1 to the NAT pool to give us secure access to the Internet.

All of this works fine, however, we have to future objectives that we are a
little unclear of how to accomplish:

1.) Setup port forwarding to allow external users access to a Terminal
Services server. I believe PAT is used to accomplish this but I'm not sure
how to do it securely and I'm not sure how to modify the ACLs to make sure
traffic is allowed in to the router for forwarding. Ideally it would be nice
to use an IP other than the one used for external access.

2.) Host a web server on another of our IPs and have it directly connected
to one of the 3 remaining ports on the router. I know we will have to have a
DNS pointer to the address which is not a big isssue.

Any help is greatly appreciated and I can provide further info and/or
configuration data as required. I will monitor this post until I get these
issues solved. Please be patient if I am not as savvy as I should be

Cheers,

Kevin


 
Reply With Quote
 
 
 
 
Walter Roberson
Guest
Posts: n/a
 
      01-12-2005
In article <zscFd.72140$nN6.56145@edtnps84>,
Cakeholes <(E-Mail Removed)> wrote:
:Hello, please bare with me as I am very new to Cisco....we recently set up a
:business ADSL package at our office using a Cisco 1711 router as
:reccommended by our ISP. The router has a WIC 4ESW card which I assume is
:bascially a 4 port switch.

Right.

:All of this works fine, however, we have to future objectives that we are a
:little unclear of how to accomplish:

:1.) Setup port forwarding to allow external users access to a Terminal
:Services server. I believe PAT is used to accomplish this but I'm not sure
:how to do it securely and I'm not sure how to modify the ACLs to make sure
:traffic is allowed in to the router for forwarding. Ideally it would be nice
:to use an IP other than the one used for external access.

I suggest you examine these:

http://www.cisco.com/warp/public/556/9.html
http://www.cisco.com/warp/public/794/827spat.html

:2.) Host a web server on another of our IPs and have it directly connected
:to one of the 3 remaining ports on the router. I know we will have to have a
NS pointer to the address which is not a big isssue.

That second example above deals directly with configuration
for supporting an internal web server.
--
Disobey all self-referential sentences!
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Static PAT overrides Dynamic Pat - Pix 515e BinSur Cisco 4 01-13-2006 09:44 AM
Help configuring a Cisco 1711 router Leo Nardo Cisco 2 08-25-2005 06:35 PM
Cisco 1711, VPN and tunnels Lars Christensen Cisco 1 09-17-2004 09:16 PM
Problems with IPSec between a vpn3005 and cisco 1711 dan Cisco 0 08-04-2004 08:05 PM
CISCO 1711 Configuration Problem andeeeeuk Cisco 1 01-18-2004 10:28 PM



Advertisments