Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Port Forwarding

Status
Not open for further replies.
Tegguy92

Tegguy92

Technical User
Mar 26, 2011
41
US
I have a Cisco 2621 Router that i'm trying to configure port forwarding on and need some help.

My current setup:
Cable Modem -> Eth0/0 Eth 0/1-> Netgear router wan port

I need to get port 3389 forwarded to a computer hooked up to the Netgear ip 192.168.0.101
Netgear wan ip 192.168.1.100


Using 1970 out of 29688 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router
!
!
clock timezone east -4
ip subnet-zero
!
!
ip name-server 65.32.5.111
ip name-server 65.32.5.112
no ip dhcp conflict logging
ip dhcp excluded-address 192.168.1.1 192.168.1.99
ip dhcp excluded-address 192.168.1.101
ip dhcp excluded-address 192.168.1.109
ip dhcp excluded-address 192.168.1.108
ip dhcp excluded-address 192.168.1.148 192.168.1.151
!
ip dhcp pool DHCP_POOL
network 192.168.1.0 255.255.255.0
domain-name ciscolab.local
default-router 192.168.1.1
dns-server 65.32.5.111 65.32.5.112
!
ip dhcp pool I7_PC
host 192.168.1.101 255.255.255.0
dns-server 65.32.5.111 65.32.5.112
lease infinite
!
ip dhcp pool DL380-NIC-1
host 192.168.1.108 255.255.255.0
dns-server 65.32.5.111 65.32.5.112
lease infinite
!
ip dhcp pool DL380-NIC-2
host 192.168.1.109 255.255.255.0
dns-server 65.32.5.111 65.32.5.112
lease infinite
!
prompt Cisco_Router
call rsvp-sync
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address dhcp
ip nat outside
speed auto
full-duplex
!
interface Serial0/0
no ip address
shutdown
!
interface FastEthernet0/1
ip address 192.168.1.1 255.255.255.0
ip nat inside
duplex auto
speed auto
!
ip nat inside source list 1 interface FastEthernet0/0 overload
ip nat inside source static tcp 192.168.1.100 3389 184.88.99.23 3389 extendable
ip nat inside source static udp 192.168.1.100 3389 184.88.99.23 3389 extendable
ip nat inside source static udp 192.168.1.100 65534 184.88.99.23 65534 extendable
ip nat inside source static tcp 192.168.1.100 65534 184.88.99.23 65534 extendable

ip classless
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
no ip http server
ip pim bidir-enable
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 permit 0.0.0.0 255.255.255.0
!
dial-peer cor custom
!
!
!
!
line con 0
password &&&&&&&&
login
line aux 0
line vty 0 4
password &&&&&&&
login
!

Port 65534 is my netgear remote access port

What am I missing?
 
Sort by date Sort by votes
Also my netgear had the port forwarded
 
Upvote 0 Downvote
I have tried to remove the NAT to recreate it and it says "Entry in use cannot delete" I have tried to take Nat down on all interfaces and also clear the nat translations but I can't seem to get this one to clear.

This is after I re-enabled NAT but it's the exact same as with is disabled

Router(config)#no ip nat inside source static tcp 192.168.1.100 3389 184.88.99.23 3389
%Entry in use, cannot delete
Router(config)#exit
Cisco_Routerclear ip nat translation forced
Cisco_Routershow
Cisco_Routershow ip
Cisco_Routerclear ip nat translation *
Cisco_Routershow ip
Cisco_Routershow ip nat
Cisco_Routershow ip nat tr
Cisco_Routershow ip nat translations
Pro Inside global Inside local Outside local Outside global
tcp 184.88.99.23:3389 192.168.1.100:3389 --- ---
udp 184.88.99.23:3389 192.168.1.100:3389 --- ---
tcp 184.88.99.23:3389 192.168.1.100:3389 --- ---
udp 184.88.99.23:3389 192.168.1.100:3389 --- ---
tcp 184.88.99.23:65534 192.168.1.100:65534 --- ---
udp 184.88.99.23:65534 192.168.1.100:65534 --- ---
 
Upvote 0 Downvote
Anybody? I did find out my port forwarded to 65534 works but I need to get rid of one of my 3389 sets. Can anyone help me?
 
Upvote 0 Downvote
You will probably need to remove the ip nat commands off your ints, clear the ip tran, then remove the entries.
 
Upvote 0 Downvote
The previous post involved removing both nats inside and outside and then clearing the tran and then trying it and it still didn't work
 
Upvote 0 Downvote
Assuming that you're leasing the public IP that you list in your nat statements, your command syntax looks correct. If you look at the translation table, does it give you the entries that you'd expect? If you really want to get into the nitty gritty detail, do a 'debug ip packet detail' and 'debug ip nat' while generating traffic that you expect to be NATed in the way you've configured. That should help to confirm if your overall issue is with the router not NATing properly, or an issue further down towards the Netgear.

CCNP, CCDP, CCIP
Core Network Planner, ISP
 
Upvote 0 Downvote
I should also mention, don't do that during production hours. That first debug is rather process-intensive.

CCNP, CCDP, CCIP
Core Network Planner, ISP
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Zero6
  • Locked
  • Question
question about cisco cbs 350-12xs 12 port 10g sfp+
Replies
0
Views
136
Zero6
Zero6
Gartech
  • Locked
  • Question
LAN Port Test Device
Replies
3
Views
136
ipohead
ipohead
BleuBell
  • Locked
  • Question
Command Rejected : Exceeded NNI ports Allowed
Replies
0
Views
93
BleuBell
BleuBell
amelamel
  • Locked
  • Question
port has faulty link
Replies
2
Views
299
ADB100
ADB100
CDIV
  • Locked
  • Question
Use uplink port as access port 2960 1
Replies
9
Views
320
CDIV
CDIV

Part and Inventory Search

Sponsor

Back
Top