Cisco 2600 Router to Configure with INTERNET and LAN 1

[mashadif]

Hi!

I want to configure my Cisco 2600 Router to enable my LAN users to surf the Internet for HTTP, HTTPS, FTP services.

My router has 2 Ethernet Interface e0/0 and e0/1.

e0/0 - LAN (192.168.1.0 network)
e0/1 - Internet (10.0.32.48 IP address - connected to DSL Modem, getting Private IP Automatically from Modem).

Can any one suggest the NAT, Access-list and Interface configuration to allow my users to reach internet.

Also i want RDP (3389) connection from INTERNET to my LOCAL system 192.168.1.20.

Regards,
Faheem

 

[castlesmadeofsand]

If your modem is giving your router a private IP, and you can get on the internet, looks like your modem is actually also a router, doing the NATting.
router>en
router#conf t
router(config)#access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq

http://www (or

try the port number 80)
router(config)#access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq 443
router(config)#access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq rdp (or try the port number 3389)
router(config)#access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq ftp (or try the port number 21)
router(config)#int e0/1
router(config-if)#ip access-group 101 out

If you do not implement a routing protocol, then you need a static route from the LAN to the e0/0
router(config)#ip route 0.0.0.0 0.0.0.0 e0/0
This will give you a default route, or gateway of last resort.
As far as the access lists go, once you create one, it follows those rules, and in this case will only allow that which is configured in the list (which you have in your post) and it will deny everything else. In other words, there is an implicit deny at the end of the list, so once the router has a specific set of rules (access list) to follow, it will do that and only that. Good luck.

Regards,

Tim

 

[castlesmadeofsand]

I'm sorry---the outbound interface for the static route should be e0/1
router(config)#ip route 0.0.0.0 0.0.0.0 e0/1

Sorry.

Tim