2612 not forwarding ports

wallisek

IS-IT--Management
May 8, 2010
4
US
I've been tinkering around with my settings all night and morning. I can't get my 2612 to forward any ports to my internal web/mail server. Port scanner says port 80 on WAN side is open and my web server works from internal addresses. Am I missing something? Thanks in advance.


!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname RouterA
!
enable secret 5 xxx
!
!
!
clock timezone PST -8
clock summer-time PST recurring
ip subnet-zero
!
!
!
vpdn enable
!
vpdn-group pppoe
request-dialin
protocol pppoe
!
!
!
!
!
!
!
!
!
!
!
!
interface ATM0/0
no ip address
no ip mroute-cache
atm vc-per-vp 256
no atm ilmi-keepalive
atm voice aal2 aggregate-svc upspeed-number 0
pvc 0/32
pppoe-client dial-pool-number 1
!
dsl operating-mode auto
no fair-queue
!
interface Ethernet0/0
ip address 192.168.0.65 255.255.255.224
ip nat inside
ip tcp adjust-mss 1452
full-duplex
!
interface Serial0/0
ip address 192.168.0.33 255.255.255.224
no keepalive
clockrate 800000
!
interface TokenRing0/0
no ip address
shutdown
ring-speed 16
!
interface Dialer1
mtu 1492
ip address negotiated
ip nat outside
encapsulation ppp
dialer pool 1
ppp chap hostname xxx
ppp chap password 7 xxx
ppp pap sent-username xxx password 7 xxx
!
router rip
network 192.168.0.0
!
ip nat inside source list 1 interface Dialer1 overload
ip nat inside source static tcp 192.168.0.67 80 174.25.x.x 80 extendable
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
no ip http server
no ip pim bidir-enable
!
access-list 1 permit 192.168.0.0 0.0.255.255
dialer-list 1 protocol ip permit
!
call rsvp-sync
!
!
mgcp profile default
!
dial-peer cor custom
!
!
!
!
line con 0
password 7 xxx
login
line aux 0
password 7 xxx
login
line vty 0 4
password 7 xxx
login
!
!
end
 
ip nat inside source static tcp 192.168.0.67 80 174.25.x.x 80 extendable

no...

ip nat inside source static tcp 192.168.0.67 80 int di1 80

Also, make sure that your inside hosts behind interface e0/0 have the /27 mask.

/

tim@tim-laptop ~ $ sudo apt-get install windows
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package windows...Thank Goodness!
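
The check behind the reply above, written out as an added example (not code from the thread or from Cisco): a small Python lint that reads an IOS configuration and reports static port-forward entries that are pinned to a literal global address while the outside interface's address is negotiated, or whose inside host falls outside every `ip nat inside` subnet. The function names are hypothetical and the sample is constructed from the posted config, with the masked WAN address replaced by the documentation address 203.0.113.10.

```python
import ipaddress
import re

# Constructed sample: NAT-relevant lines of the posted config (WAN address is a placeholder).
SAMPLE = """\
interface Ethernet0/0
 ip address 192.168.0.65 255.255.255.224
 ip nat inside
interface Dialer1
 ip address negotiated
 ip nat outside
ip nat inside source static tcp 192.168.0.67 80 203.0.113.10 80 extendable
"""

# static <proto> <local-ip> <port> [interface] <global-ip or ifname> <port>
STATIC = re.compile(r"ip nat inside source static (?:tcp|udp) (\S+) \d+ (?:(int\S*) )?(\S+) \d+")

def parse_interfaces(config):
    """Map interface name -> subnet, negotiated-address flag and NAT role."""
    ifaces, cur = {}, None
    for line in map(str.strip, config.splitlines()):
        if line.startswith("interface "):
            cur = ifaces.setdefault(line.split()[1], {"net": None, "negotiated": False, "nat": None})
        elif cur is None:
            continue
        elif line == "ip address negotiated":
            cur["negotiated"] = True
        elif m := re.fullmatch(r"ip address (\S+) (\S+)", line):
            # strict=False turns the interface address + mask into its subnet
            cur["net"] = ipaddress.ip_network(f"{m[1]}/{m[2]}", strict=False)
        elif line in ("ip nat inside", "ip nat outside"):
            cur["nat"] = line.split()[-1]
    return ifaces

def lint_static_nat(config):
    """Return findings for static port-forward entries (empty list = none)."""
    ifaces = parse_interfaces(config).values()
    inside = [i["net"] for i in ifaces if i["nat"] == "inside" and i["net"]]
    dynamic = any(i["nat"] == "outside" and i["negotiated"] for i in ifaces)
    findings = []
    for line in map(str.strip, config.splitlines()):
        if not (m := STATIC.match(line)):
            continue
        local, via_iface, target = m.groups()
        if not any(ipaddress.ip_address(local) in net for net in inside):
            findings.append(f"{local}: not inside any 'ip nat inside' subnet")
        if not via_iface and dynamic:
            findings.append(f"{local}: fixed global address {target}, outside address is negotiated")
    return findings
```

The parser matches on stripped lines, so it also works on a config pasted without indentation, as in the post above.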
 
I've tried that command, still doesn't work. Very irritating because I've never encountered these problems before using NAT.
 
Before NAT? Well how did you get out to the internet before NAT? Do you have a static IP address from your ISP? If not (doesn't look like it since you have "ip address negotiated" on it), then how are you trying to hit your web server from the outside?

 
I was using the same Linux box which is my web/email server for NAT. I figured I'd use this 2612 since it is part of my CCNA lab kit I bought. I love the flexibility of the router but I may have to switch back to my original setup. At this point I'm thinking it has something to do with an ACL.
 
ACL on what?

So your LINUX box was being used as your edge router?

 
Cisco 678 in bridge mode connected to eth0 (wan ip), LAN connected to eth1. Linux box was acting as PPPoE client.
 
OK---first off, you're not being very clear about your previously working setup. Unless you use public IP addresses on all of your LAN devices, then you absolutely need to NAT/PAT to get out to the internet.

Second, the only acl in the router is the one for your NAT, which is acl 1.

Third---you have not answered too many questions, especially the pertinent one---how EXACTLY are you trying to connect from the outside? Do you have a static IP address from your provider? Are you using anything like Dynamic DNS???

Unless you answer these three questions IN DETAIL, I cannot help you at all, and chances are neither will anyone else. Nobody here is going to play guessing games.

 