Gaining access through a Cisco 678 & Linksys DSL/Cable router
I have been trying to get access to my office network network for a few weeks now without any luck. Here's the scenario:
I have a Cisco 678 using Qwest DSL. I have a block of static IPs. I have a Linksys DSL/Cable router behind the Cisco. The internal IP to my Linksys is 192.168.0.1 and the computer that I want access to is 192.168.0.21 and the program I'm using on that computer uses port 1387.
I have already added the following line to my Cisco 678:
set nat entry add 192.168.0.1
I first tried "set nat entry add 192.168.0.21" but after I though about it, I would like to pass all ports through the Cisco to the Linksys. Then allow the Linksys to block all ports except for 1387. I want to block all ports, excluding port 1387--sending this traffic to IP 192.168.0.21.
Let me know if there's a better way to go about this or what I'm doing wrong. Thanks!
I have a Cisco 678 using Qwest DSL. I have a block of static IPs. I have a Linksys DSL/Cable router behind the Cisco. The internal IP to my Linksys is 192.168.0.1 and the computer that I want access to is 192.168.0.21 and the program I'm using on that computer uses port 1387.
I have already added the following line to my Cisco 678:
set nat entry add 192.168.0.1
I first tried "set nat entry add 192.168.0.21" but after I though about it, I would like to pass all ports through the Cisco to the Linksys. Then allow the Linksys to block all ports except for 1387. I want to block all ports, excluding port 1387--sending this traffic to IP 192.168.0.21.
Let me know if there's a better way to go about this or what I'm doing wrong. Thanks!
Turn off NAT on the Cisco and pass all the traffic to the Linksys and NAT it there.
the only problem with that is your inside ethernet on the 678 and the outside ethernet on your linksys has to be public addresses. If your ISP is DHCP then this will be difficult.
A better answer would be to use a on to one NAT (as opposed to PAT) on the 192.168.0.1 address to the outside interface of the 678 and then use port forwarding on the linksys to forward the packets to the machine that you want to send the packets to. (Or use the DMZ option to put the entire machine directly on the internet.)
A better answer would be to use a on to one NAT (as opposed to PAT) on the 192.168.0.1 address to the outside interface of the 678 and then use port forwarding on the linksys to forward the packets to the machine that you want to send the packets to. (Or use the DMZ option to put the entire machine directly on the internet.)
ASKER
Thanks for the suggestions. I will try it today. I'm not sure how to do a one to one NAT but I have not disabled NAT. On another network that I'm trying the same thing, I told the customer that his DSL had to have a static IP address and I configured the Cisco for a static IP and it worked fine. So, maybe the DHCP and or NAT is a problem? But, it seems that the same IP address is assigned day after day.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.