Hello !
I am trying to build a configuration for a Cisco 2600 with two FastEthernet interfaces. I have one global ip address on the external interface.
My goal is:
1)
NAT/PAT all the local pc's from the 0/1 interface to the internet using the IP of the 0/0 interface.
2)
Publish a mail server with the "mapped" ip address of the 0/0 interface.
I have tried to configure this and the configuration is shown below. I can connect to the internet, brows pages etc. my only problem is that i cannot connect to mailservers using port 25. I cannot see anything in the config that should deny access to port 25 other than the static NAT entry. I can however connect to mailservers on port 110. I suspect the problem lies in a firewall somwhere and not in my router, but i would like to make sure before i start yelling at people...
Can one of you guys tell me if the config is blocking port 25 some way ?
version 12.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname XXXXX-2600
!
enable password XXXXXXXXXXXXXXX
!
ip subnet-zero
!
!
no ip domain lookup
!
!
!
!
!
interface FastEthernet0/0
ip address XXX.XXX.XXX.147 255.255.255.240
ip nat outside
duplex auto
speed auto
no cdp enable
!
interface Serial0/0
no ip address
shutdown
no cdp enable
!
interface FastEthernet0/1
ip address 10.1.1.1 255.255.0.0
ip nat inside
duplex auto
speed auto
no cdp enable
!
ip nat inside source list 1 interface FastEthernet0/0 overload
ip nat inside source static tcp 10.1.10.10 25 interface FastEthernet0/0 25
ip nat inside source static tcp 10.1.10.10 110 interface FastEthernet0/0 110
no ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 XXX.XXX.XXX.145
!
!
access-list 1 permit 10.1.0.0 0.0.255.255
access-list 12 permit XXX.XXX.XXX.XXX
access-list 12 permit XXX.XXX.XXX.XXX 0.0.255.255
no cdp run
!
line con 0
line aux 0
line vty 0 4
access-class 12 in
password XXXXXXXXXXXXXXX
login
Thanks
\Lars
---
Why make things difficult, when it is possible to make them cryptic and totally illogic, with just a little more effort.
---
I am trying to build a configuration for a Cisco 2600 with two FastEthernet interfaces. I have one global ip address on the external interface.
My goal is:
1)
NAT/PAT all the local pc's from the 0/1 interface to the internet using the IP of the 0/0 interface.
2)
Publish a mail server with the "mapped" ip address of the 0/0 interface.
I have tried to configure this and the configuration is shown below. I can connect to the internet, brows pages etc. my only problem is that i cannot connect to mailservers using port 25. I cannot see anything in the config that should deny access to port 25 other than the static NAT entry. I can however connect to mailservers on port 110. I suspect the problem lies in a firewall somwhere and not in my router, but i would like to make sure before i start yelling at people...
Can one of you guys tell me if the config is blocking port 25 some way ?
version 12.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname XXXXX-2600
!
enable password XXXXXXXXXXXXXXX
!
ip subnet-zero
!
!
no ip domain lookup
!
!
!
!
!
interface FastEthernet0/0
ip address XXX.XXX.XXX.147 255.255.255.240
ip nat outside
duplex auto
speed auto
no cdp enable
!
interface Serial0/0
no ip address
shutdown
no cdp enable
!
interface FastEthernet0/1
ip address 10.1.1.1 255.255.0.0
ip nat inside
duplex auto
speed auto
no cdp enable
!
ip nat inside source list 1 interface FastEthernet0/0 overload
ip nat inside source static tcp 10.1.10.10 25 interface FastEthernet0/0 25
ip nat inside source static tcp 10.1.10.10 110 interface FastEthernet0/0 110
no ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 XXX.XXX.XXX.145
!
!
access-list 1 permit 10.1.0.0 0.0.255.255
access-list 12 permit XXX.XXX.XXX.XXX
access-list 12 permit XXX.XXX.XXX.XXX 0.0.255.255
no cdp run
!
line con 0
line aux 0
line vty 0 4
access-class 12 in
password XXXXXXXXXXXXXXX
login
Thanks
\Lars
---
Why make things difficult, when it is possible to make them cryptic and totally illogic, with just a little more effort.
---
