Help With Cisco 2621 2

[Niall22]

I recently configured a Cisco 2621 router for use with our @Home Cable Internet connection.&nbsp;&nbsp;Internet access works fine, however, every morning I have to reboot the router because it stops communicating with the cable modem over night.&nbsp;&nbsp;No one is around to use the Internet after 10:00pm and it seems as if the router stops talking to the cable modem after a few hours of inactivity.&nbsp;&nbsp;I haven't defined any timeout settings but I'm curious if there is some default timeout setting that could be causing this.&nbsp;&nbsp;I also have the Cisco IOS Firewall configured on the router.<br><br>On a side note: I have configured the router to use NAT and I'm curious if there is anyway that I can configure the router to listen on a specific port, say 21, and when it detects someone communicating with the port it will forward the packets to an internal private ip address with the same port destination.&nbsp;&nbsp;I can do it with WinRoute Pro using port mapping but I can't find any similar feature with the 2621 router.<br>Any help would be greatly appreciated.&nbsp;&nbsp;I have searched Cisco's web site for assistance but it doesn't seem to be very helpful.<br><br>Thank-you,<br>Niall

 

[robebrow]

On the cable modem problem I have no idea.&nbsp;&nbsp;As far as the telnet connection you would have use an extended access list to accomplish this.&nbsp;&nbsp;Hope this helps.<br><br>Rob

 

[Niall22]

Are you sure I can use an extended access-list to get the router to forward packets from a specific port on my Internet IP to the same port on a private IP within the network?&nbsp;&nbsp;I've tried that before and it wouldn't work.&nbsp;&nbsp;Here's an example of what I need to do:<br><br>I have a public IP of 123.123.123.123 and an ftp server running on a computer within the private network with an IP of 10.10.10.10.&nbsp;&nbsp;How do I configure NAT so that someone can send an ftp connection request to 123.123.123.123 port 21 and have my router forward that connection request to 10.10.10.10 port 21 so that it appears to the user that my FTP server is actually running on my public IP of 123.123.123.123?<br><br>If you can accomplish this with access-lists can someone please give me a detailed example of how to do it using my example above?<br><br>Thank-you for any help.

 

[robebrow]

Access list 101 permit tcp host (user address) host (local address) eq ftp<br>(syntax may not be quite right off the top of my head)<br>Then apply the access group in on that interface<br><br>REMEMBER when the access list goes in there is a implicit deny all statement on the bottom of the access list!!!! <br><br>Some FTP applications also need to have port 20 opened up also.&nbsp;&nbsp;Best bet hook up a sniffer on the outside and monitor it and see what is happening.&nbsp;&nbsp;Hope this helps.<br><br>Rob

 

[wabitt]

ip nat inside source static tcp (private ip ) (public ip) range 20 21<br>That will create a pat map to your ftp server.<br>Make sure your ftp server is able to use passiv connections<br>with clients connecting to it.<br>Some applictaion specific ftp servers like Max remote exchange require active connections which can be a real can of worms when using NAT.<br>You could also use config maker to do what you need.<br>Its a quick any easy way to put together a simple config.