Cisco 1711 Cannot telnet or Connect to Natted Router from internet

Discussion in 'Cisco' started by zizebra, Sep 21, 2007.

  1. zizebra

    zizebra Guest

    I have a router 1711 on which I can telnet and vpn in from within my corporate network. However when I try to telnet from the internet via the public interface, nothing happens. What should I correct, my config is below.

    Building configuration...

    Current configuration : 2967 bytes
    !
    version 12.3
    service timestamps debug uptime
    service timestamps log uptime
    service password-encryption
    !
    hostname Our_HeadOffice
    !
    boot-start-marker
    boot-end-marker
    !
    no logging console
    enable secret 5 $1$9HV7$ONYqCt6plahNhaT50I2zq.
    !
    username user privilege 15 password 7 03055D0F571C204843
    mmi polling-interval 60
    no mmi auto-configure
    no mmi pvc
    mmi snmp-timeout 180
    aaa new-model
    !
    !
    aaa authentication ppp use-radius group radius
    aaa session-id common
    ip subnet-zero
    !
    !
    no ip dhcp conflict logging
    ip dhcp excluded-address 192.168.0.1 192.168.0.20
    !
    !
    ip name-server x.x.x.x
    ip name-server x.x.x.x
    ip name-server x.x.x.x
    ip cef
    ip ids po max-events 100
    vpdn enable
    !
    vpdn-group 1
    ! Default L2TP VPDN group
    ! Default PPTP VPDN group
    accept-dialin
    protocol any
    virtual-template 1
    !
    no ftp-server write-enable
    !
    !
    !
    !
    !
    !
    crypto isakmp policy 1
    encr 3des
    authentication pre-share
    !
    crypto isakmp policy 10
    hash md5
    crypto isakmp key sacred address 0.0.0.0 0.0.0.0
    !
    !
    crypto ipsec transform-set 3DES-SHA esp-des esp-md5-hmac
    !
    crypto dynamic-map DYNAMIC-VPN 10
    set transform-set 3DES-SHA
    match address DYNAMIC-VPN-LAN
    !
    !
    crypto map VPN 1 ipsec-isakmp dynamic DYNAMIC-VPN
    !
    !
    !
    interface FastEthernet0
    ip address 196.x.x.x 255.255.255.0
    ip nat outside
    ip virtual-reassembly
    duplex auto
    speed auto
    !
    interface FastEthernet1
    no ip address
    !
    interface FastEthernet2
    no ip address
    shutdown
    !
    interface FastEthernet3
    no ip address
    shutdown
    !
    interface FastEthernet4
    no ip address
    shutdown
    !
    interface Virtual-Template1
    ip unnumbered FastEthernet0
    peer default ip address pool vpn
    ppp encrypt mppe auto
    ppp authentication ms-chap-v2
    crypto map VPN
    !
    interface Vlan192
    no ip address
    !
    interface Vlan1
    description Link to My LAN
    ip address 192.168.0.254 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    !
    interface Async1
    no ip address
    !
    ip local pool vpn 192.168.254.1 192.168.254.4
    ip classless
    ip route 0.0.0.0 0.0.0.0 196.x.x.x
    ip http server
    no ip http secure-server
    ip nat inside source list NAT_EXCLUDE interface FastEthernet0 overload
    ip nat inside source static tcp 192.168.0.1 80 196.x.x.x 80 extendable
    ip nat inside source static tcp 192.168.0.1 8080 196.x.x.x 8080 extendable
    ip nat inside source static 192.168.0.1 196.x.x.x
    !
    !
    !
    ip access-list extended DYNAMIC-VPN-LAN
    permit ip 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255
    ip access-list extended NAT_EXCLUDE
    deny ip 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255
    deny ip 192.168.0.0 0.0.0.255 host 196.x.x.x
    deny ip host 196.x.x.x 192.168.0.0 0.0.0.255
    deny ip any 192.168.0.0 0.0.0.255
    !
    radius-server host 192.168.0.25 auth-port 1645 acct-port 1646
    radius-server key 7 050A000B705F5D5A1A174406
    radius-server vsa send authentication
    !
    control-plane
    !
    !
    line con 0
    password 7 094D480D10161F03
    line 1
    stopbits 1
    speed 115200
    flowcontrol hardware
    line aux 0
    line vty 0 4
    password 7 06070925455D0108
    !
    end
    zizebra, Sep 21, 2007
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. andeeeeuk
    Replies:
    0
    Views:
    1,188
    andeeeeuk
    Jan 18, 2004
  2. Helmut Wollmersdorfer.at
    Replies:
    1
    Views:
    1,027
  3. Replies:
    5
    Views:
    2,798
  4. Leo Nardo
    Replies:
    2
    Views:
    3,417
    Leo Nardo
    Aug 25, 2005
  5. GusttyWinds
    Replies:
    3
    Views:
    10,410
    GusttyWinds
    May 17, 2006
Loading...

Share This Page