ACCESS FROM INTERNET TO A WEBCAM SERVER

[juancarlosmm]

Hi guys,

I HAVE A 1812 ROUTER, A PUBLIC IP ADDRESS TO OUTSIDE, A DHCP 192.168.1.0 NETWORK TO INSIDE.

I WANT TO ACCES TO A WEBSERVER INSIDE FROM INTERNET, TO A NON STANDAR PORT, THE WEBCAM SERVER NEED TO OPEN FROM ROUTER 82, 9000 AND 18003 ALL TCP PORT.

DOES ANY ONE KNOW WHAT SHOULD I NEED TO DO

I ALREADY HAVE THIS (ABREVIATE AS MANY AS A COULD):

Ip dhcp pool sdm-pool1

interface FastEthernet0
pppoe enable
pppoe-client dial-pool-number 1

interface Vlan1
ip address 192.168.1.1 255.255.255.0
ip nat inside


interface Dialer0
ip nat outside
encapsulation ppp

ip nat inside source list 1 interface Dialer0 overload

ip nat inside source static tcp 192.168.1.220 18003 interface Dialer0 18003
ip nat inside source static tcp 192.168.1.220 18004 interface Dialer0 18004
ip nat inside source static tcp 192.168.1.220 82 interface Dialer0 82
ip nat inside source static tcp 192.168.1.220 9000 interface Dialer0 9000

***************************
i have this with nat show command:

sh ip nat trans
tcp xxx.175.154.87:82 192.168.1.220:82 --- ---
udp xxx.175.154.87:1137 192.168.1.220:1137 202.96.128.68:53 202.96.128.68:53
tcp xxx.175.154.87:9000 192.168.1.220:9000 --- ---
tcp xxx.175.154.87:18003 192.168.1.220:18003 --- ---
tcp xxx.175.154.87:18004 192.168.1.220:18004 --- ---


INTERNET FROM INSIDE TO OUTSIDE IS WORKING GREAT

WHEN I TRY FROM

http://www.yougetsignal.com,

ALL PORTS ABOVE ARE OPENED
BUT I STILL DO NOT HAVE ANY WEBCAMS PAGES


NOTES, ALL WAS WORKING ON A LINKSYS CISCO ROUTER WITH THE SAME PORTS FORWARDING CONFIGURED

Thanks a lot guys

 

[burtsbees]

Post the entire config, plus what servers the cams are hanging off of, if they are bridging, double-homing or if the cams have their own IP addresses, etc., if there is other traffic, etc. Can you telnet to that IP address via those ports, or some other sort of remote access?

/ of all evil




10 ? "TIMMAY!!!"
20 goto 10
run
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!!!
TIMMAY!

 

[juancarlosmm]

it's working now
what changes i did?
add this lines:
interface Virtual-Template1
no ip address
ip access-group Internet-Into-Lan in

write start up config and reboot
I do not think that these lines have made it work, but it did reboot

Here is the most of the config:
Building configuration...

Current configuration : 6788 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname cisco1812
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 debugging
logging console critical
enable secret 5 $1$HX7V$SKAJAShD9Q7TC1AUK.Iu./
!
aaa new-model
!
!
aaa authentication login default local
aaa authorization exec default local
!
aaa session-id common
!
resource policy
!
clock timezone PCTime -6
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
no ip source-route
!
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1 192.168.1.99
ip dhcp excluded-address 192.168.1.201 192.168.1.254
!
ip dhcp pool sdm-pool1
import all
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server XXX.XXX.XXX.XXX XXX.XXX.XXX.XXX
!
!
ip tcp synwait-time 10
no ip bootp server
ip domain name xxxxxxxxxxx.com
ip name-server xxxxxxxxxxxx
ip name-server xxxxxxxxxxxxxxxx
ip ssh time-out 60
ip ssh authentication-retries 2
ip inspect name webfilter http urlfilter
ip urlfilter exclusive-domain deny

http://www.sex.com

ip urlfilter exclusive-domain deny sex
!
!
!
interface Null0
no ip unreachables
!
interface FastEthernet0
description $ETH-WAN$
no ip address
ip mask-reply
no ip unreachables
ip directed-broadcast
ip route-cache flow
duplex auto
speed auto
pppoe enable
pppoe-client dial-pool-number 1
!
interface FastEthernet1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
shutdown
duplex auto
speed auto
!
interface BRI0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
encapsulation hdlc
ip route-cache flow
shutdown
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface FastEthernet9
!
interface Virtual-Template1
no ip address
ip access-group Internet-Into-Lan in
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-FE 2$$ES_LAN$$FW_INSIDE$
ip address 192.168.1.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1452
!
interface Dialer0
description $FW_OUTSIDE$
mtu 1492
bandwidth 5000
ip address negotiated
no ip unreachables
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication pap callin
ppp pap sent-username XXXXXXXX password 7 000A42555158121E15
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0 permanent
ip route 192.168.0.0 255.255.255.0 192.168.1.8 2 permanent
ip route 192.168.2.0 255.255.255.0 192.168.1.9 2 permanent
ip route 192.168.3.0 255.255.255.0 192.168.1.10 2 permanent
!
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 5 life 86400 requests 10000
ip nat inside source list internet-access interface Dialer0 overload
ip nat inside source static tcp 192.168.1.239 83 interface Dialer0 83
ip nat inside source static tcp 192.168.1.210 18003 interface Dialer0 18003
ip nat inside source static tcp 192.168.1.210 9001 interface Dialer0 9001
ip nat inside source static tcp 192.168.1.210 81 interface Dialer0 81
ip nat inside source static tcp 192.168.1.220 82 interface Dialer0 82
ip nat inside source static tcp 192.168.1.220 9000 interface Dialer0 9000
ip nat inside source static tcp 192.168.1.220 18004 interface Dialer0 18004
!
ip access-list extended Internet-Into-Lan
remark Example - Allow Internet to Access DVR Server
remark CCP_ACL Category=1
permit tcp any eq

http://www any

remark Example - Allow Internet to Access DVR Server
permit tcp any any eq 82 log
remark Example - Allow Internet to Access DVR Server
permit tcp any any eq 9000 log
remark Example - Allow Internet to Access DVR Server
permit tcp any any eq 18003 log
remark Example - Allow Internet to Access DVR Server
permit tcp any any eq 18004 log
remark Example - Allow Internet to Access DVR Server
permit tcp any any eq 9001 log
ip access-list extended internet-access
remark Allow LAN 192.168.1.0 Internet Access
remark CCP_ACL Category=2
remark Allow Lan Internet Access
permit ip 192.168.1.0 0.0.0.255 any
!
logging trap debugging
dialer-list 1 protocol ip permit
no cdp run
!
!
!
!
control-plane
!
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
transport output telnet
line aux 0
transport output telnet
line vty 0 4
transport input telnet ssh
line vty 5 15
transport input telnet ssh
!
scheduler allocate 4000 1000
scheduler interval 500
ntp clock-period 17180328
end


THANKS ANY WAY!!!