Cisco 2620 static natting help

Discussion in 'Hardware' started by biomed32uk, Jul 3, 2009.

  1. biomed32uk

    biomed32uk

    Joined:
    Jul 1, 2009
    Messages:
    1
    Hoping someone may be able to shed some light on a problem I have getting static nat to work on a 2620 router, I have spent hours scouring the net, reading documents and my isco guides, all to no avail. This router simply refuses to let me in from the outside. The server on the the inside is OK, firewall letting through ok for the port in question, it all works, tried it with my Zyxel DSL router and all good.

    I have tried ACL's on the incoming and out going interfaces, combinations of them, but nothing work, it quite simply refuses to let traffic through.

    If look a the transaction table they show there, with the port number, everything looks right, but does not work.

    The only way i have been able to ge in is to add the command.....

    ip nat inside source static 10.0.0.50 interface dialer0

    That works, but then my internal network is wide open like a barn door, yes I could tie it down with some acl's, but I would like to get the port forwarding to work.

    Has anyone got a similar router setup to work, and have any pointers for me. All help, comment sugesstions appreciated.

    Running config below...

    kivran_router#sh run
    Building configuration...

    Current configuration : 1811 bytes
    !
    ! Last configuration change at 20:39:07 UTC Fri Jul 3 2009
    ! NVRAM config last updated at 20:39:10 UTC Fri Jul 3 2009
    !
    version 12.3
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname kivran_router
    !
    boot-start-marker
    boot-end-marker
    !
    enable secret 5 $1$XzXH$00N2C3NPeq6wL.udCivFO/
    !
    memory-size iomem 10
    no aaa new-model
    ip subnet-zero
    !
    !
    no ip domain lookup
    !
    ip cef
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    interface ATM0/0
    no ip address
    no ip mroute-cache
    no atm ilmi-keepalive
    dsl operating-mode auto
    pvc 0/38
    encapsulation aal5mux ppp dialer
    dialer pool-member 1
    !
    !
    interface FastEthernet0/0
    no ip address
    duplex auto
    speed auto
    !
    interface FastEthernet0/0.1
    encapsulation dot1Q 3
    ip address 10.0.0.40 255.0.0.0
    no ip proxy-arp
    ip nat inside
    ip tcp adjust-mss 1452
    !
    interface FastEthernet0/0.2
    encapsulation dot1Q 2
    ip address 192.168.10.40 255.255.255.0
    !
    interface Dialer0
    ip address negotiated
    no ip proxy-arp
    ip mtu 1492
    ip nat outside
    encapsulation ppp
    ip route-cache flow
    ip tcp adjust-mss 1452
    dialer pool 1
    dialer-group 1
    ppp authentication chap callin
    ppp chap hostname *********************
    ppp chap password 0 *******************
    !
    ip nat inside source list 1 interface Dialer0 overload
    ip nat inside source static tcp 10.0.0.50 80 interface Dialer0 80
    no ip http server
    ip classless
    ip route 0.0.0.0 0.0.0.0 Dialer0
    !
    !
    access-list 1 permit 192.168.10.0 0.0.0.255
    access-list 1 permit 10.0.0.0 0.255.255.255
    dialer-list 1 protocol ip permit
    !
    !
    !
    !
    !
    !
    line con 0
    speed 19200
    line aux 0
    line vty 0 4
    session-timeout 60
    exec-timeout 60 0
    password ********
    login
    line vty 5 15
    session-timeout 60
    exec-timeout 60 0
    password ********
    login
    !
    ntp server 139.143.5.50
    ntp server 139.143.5.30
    !
    end
     
    biomed32uk, Jul 3, 2009
    #1
    1. Advertising

  2. biomed32uk

    rlewisii

    Joined:
    Oct 21, 2009
    Messages:
    5
    I came up with this to get to our Blackberry server:

    ip nat inside source static tcp 192.168.0.158 3101 65.201.xxx.xxx 3101 extendable
     
    rlewisii, Oct 22, 2009
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. xcelloM

    Natting with cisco 803

    xcelloM, Nov 3, 2004, in forum: Cisco
    Replies:
    1
    Views:
    861
    Martin Bilgrav
    Nov 4, 2004
  2. gimmiecpt
    Replies:
    0
    Views:
    1,011
    gimmiecpt
    May 11, 2006
  3. Anthony J. Biacco

    Cisco 2811 VPN NATting

    Anthony J. Biacco, May 24, 2007, in forum: Cisco
    Replies:
    0
    Views:
    996
    Anthony J. Biacco
    May 24, 2007
  4. Cisco.ahmed@gmail.com

    Static Natting Command

    Cisco.ahmed@gmail.com, Oct 24, 2009, in forum: Cisco
    Replies:
    0
    Views:
    775
    Cisco.ahmed@gmail.com
    Oct 24, 2009
  5. moayad
    Replies:
    0
    Views:
    1,556
    moayad
    Feb 24, 2010
Loading...

Share This Page