
CISCO 877W


harpal

Hi,

I am trying to enable port forwarding on the Cisco 877W without any joy. The internal machine IP is 10.10.10.6 and I want to be able to use my WAN IP 82.***.***.** to connect to my machine from the internet using port 3389. This is a pretty simple task on a DrayTek, not so simple on the Cisco. Any help would be helpful.

regards

 
access-list 100 permit tcp any host 82.***.***.** eq 3389

access-list 100 permit tcp any host 82.***.***.** eq 3390

ip nat inside source static tcp 10.10.10.6 3389 interface Dialer1 3389

ip nat inside source static tcp 10.10.10.7 3390 interface Dialer1 3390

interface Dialer1
ip access-group 100 in

..make sure your access list is allowing port 3389
..apply it to the inbound of the outside interface.
..also notice how I utilize 3390 to access another internal computer via RDP ..just have to do 82.***.***.**:3390 in the IP address dialog box of RDP..

...and I am using Dialer 1 as my outside interface..you might be using something like ATM 0/0 ..or whatever..

 
Dan,

Thanks for the info. Is this done through SDM, or are they the commands that I need to use for a telnet session?

thanks again

H
 
Dan

tried the above command

got the following error

access-list 100 permit tcp any host 82.***.***.** eq 3389
^
% Invalid input detected at '^' marker

H
 
perimeter_router(config)#ip access-list extended 100
perimeter_router(config-ext-nacl)#?
Ext Access List configuration commands:
<1-2147483647> Sequence Number <---use sequence numbers..if you can...
default Set a command to its defaults
deny Specify packets to reject

..I am using an extended access list so I can put statements in sequentially and take them out without blowing away the whole access list..

...with your CLI problem..I think you either need to use access list 99..or you were not in config mode..

...also I would definitely do some more research on securing your router with access list statements...

..below is a small example of basic IP addresses that should not be reaching your router from the outside interface...

access-list 100 deny ip 192.168.0.0 0.0.255.255 any log
access-list 100 deny ip 127.0.0.0 0.255.255.255 any log
access-list 100 deny ip 169.254.0.0 0.0.255.255 any log
access-list 100 deny ip 10.0.0.0 0.255.255.255 any log
access-list 100 deny ip 0.0.0.0 0.255.255.255 any log
access-list 100 deny ip 172.16.0.0 0.15.255.255 any log
access-list 100 deny ip host 0.0.0.0 any log
access-list 100 deny icmp any any redirect log
access-list 100 deny ip any any
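
Added example, not part of the original posts: a small first-match evaluator for the access-list 100 entries quoted in this thread, showing why entry order matters if the anti-spoofing denies are typed in after the RDP permits (numbered access-list lines are appended to the end of the list). The WAN address 203.0.113.10 and the test packet are constructed placeholders, and the parser handles only the entry forms that appear in the thread.

```python
import ipaddress

WAN = "203.0.113.10"  # constructed placeholder; the thread masks the real WAN IP

def _ip(s):
    return int(ipaddress.IPv4Address(s))

def _addr(tok):  # consume 'any' | 'host A' | 'A WILDCARD' -> (base, wildcard)
    t = tok.pop(0)
    if t == "any":
        return (0, 0xFFFFFFFF)
    if t == "host":
        return (_ip(tok.pop(0)), 0)
    return (_ip(t), _ip(tok.pop(0)))

def parse(line):  # handles only the extended-ACL entry forms seen in this thread
    tok = line.split()[2:]                      # drop 'access-list 100'
    ace = {"text": line, "action": tok.pop(0), "proto": tok.pop(0)}
    ace["src"], ace["dst"] = _addr(tok), _addr(tok)
    ace["port"] = int(tok[1]) if tok[:1] == ["eq"] else None
    ace["redirect"] = "redirect" in tok         # ICMP redirect is type 5
    return ace

def _hit(spec, ip):
    base, wild = spec                           # wildcard bits set = "don't care"
    return (_ip(ip) | wild) == (base | wild)

def evaluate(acl, proto, src, dst, dport=None, icmp_type=None):
    """Return (action, entry text) of the first matching entry; later entries are never consulted."""
    for ace in acl:
        if (ace["proto"] in ("ip", proto)
                and _hit(ace["src"], src) and _hit(ace["dst"], dst)
                and ace["port"] in (None, dport)
                and (not ace["redirect"] or icmp_type == 5)):
            return ace["action"], ace["text"]
    return "deny", "(implicit deny)"

PERMITS = [parse(f"access-list 100 permit tcp any host {WAN} eq {p}") for p in (3389, 3390)]
DENIES = [parse(f"access-list 100 deny ip {s} any log") for s in (
    "192.168.0.0 0.0.255.255", "127.0.0.0 0.255.255.255", "169.254.0.0 0.0.255.255",
    "10.0.0.0 0.255.255.255", "0.0.0.0 0.255.255.255", "172.16.0.0 0.15.255.255",
    "host 0.0.0.0")]
DENIES += [parse("access-list 100 deny icmp any any redirect log"),
           parse("access-list 100 deny ip any any")]

APPENDED = PERMITS + DENIES                      # permits typed first, denies appended
REORDERED = DENIES[:-1] + PERMITS + DENIES[-1:]  # anti-spoofing denies ahead of permits
SPOOFED = dict(proto="tcp", src="10.1.2.3", dst=WAN, dport=3389)  # constructed packet
print(evaluate(APPENDED, **SPOOFED)[0], evaluate(REORDERED, **SPOOFED)[0])
```

With the permits first, a packet claiming a private source address still matches the port 3389 permit and never reaches the deny entries; inserting the denies ahead of the permits, which is what sequence numbers in a named extended list allow, makes the 10.0.0.0 entry match first.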

 
Dan,

Thanks for your help on this. You were right, I was not in config mode. Also, I upgraded the IOS on the router from 12.3.YI1 to 12.4.T.(9) ipadvance. One other question I have: although the new IOS has been successful, the bootstrap still points to the old IOS name. Is this something to worry about? Also, I am hoping to do a CCNA but it looks like it's going to be tough. Do you have any tips on books etc.?

regards

H
 
Dan,

Here is a show version. Notice the ROM: bootstrap points to the old version?

Cisco IOS Software, C870 Software (C870-ADVIPSERVICESK9-M), Version 12.4(9)T, RELEASE SOFTWARE (fc1)
Technical Support: Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Sat 17-Jun-06 03:34 by prod_rel_team

ROM: System Bootstrap, Version 12.3(8r)YI1, RELEASE SOFTWARE

CISCO877W uptime is 29 minutes
System returned to ROM by reload at 19:56:09 PCTime Tue Nov 21 2006
System restarted at 19:57:37 PCTime Tue Nov 21 2006
System image file is "flash:c870-advipservicesk9-mz.124-9.T.bin"
Last reload reason: Reload Command

H
 
hmmmm.
..I have never paid too much attention to that..
....maybe I am wrong here...but I don't think that's a big deal...and perhaps a quick search on Google will explain why it does that.....and its insignificance...

 