
Cisco ACLs for www service

cioae asked on
I have a Cisco 1720 router running IOS 12.1 with the following configuration:

!
interface Serial0.1 point-to-point
 description connected to Internet
 ip address xxx.xxx.xxx.xx9 255.255.255.248
 ip access-group 199 in
 ip nat outside
 frame-relay interface-dlci 500 IETF
!
ip nat pool Cisco1720-natpool-1 xxx.xxx.xxx.xx1 xxx.xxx.xxx.xx3 netmask 255.255.255.248
ip nat inside source list 1 pool Cisco1720-natpool-1 overload
ip nat inside source static 192.168.1.1 xxx.xxx.xxx.xx0
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0.1
no ip http server
!
access-list 199 permit tcp any any established
access-list 199 permit gre any host xxx.xxx.xxx.xx0
access-list 199 permit tcp any host xxx.xxx.xxx.xx0 eq 1723
access-list 199 permit tcp any eq domain any
access-list 199 permit udp any eq domain any
access-list 199 permit icmp any any
access-list 199 permit tcp any eq ftp-data any
access-list 199 permit tcp any host xxx.xxx.xxx.xx9 eq telnet

I have a public ip address range from xxx.xxx.xxx.xx9, xxx.xxx.xxx.xx0 - xxx.xxx.xxx.xx3

The internal interface is assigned 192.168.1.1 and there is a VPN server assigned 192.168.1.2 and a web server assigned 192.168.1.3.

xxx.xxx.xxx.xx9 is the router's serial IP and xxx.xxx.xxx.xx0 is NAT-ed for incoming VPN connections.

I need to assign xxx.xxx.xxx.xx1 to handle the web service on 192.168.1.3 but have so far been unable to configure this properly.

How should I configure the router?

Thanks
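An added example, not part of the original post or of any answer in the thread: a small first-match evaluator run over the access-list 199 shown above, checking what the list does with a new inbound HTTP connection to xxx.xxx.xxx.xx1. An inbound ACL on the outside interface is checked before NAT rewrites the destination, so entries have to name the public address. Assumptions: the function names, the client address 203.0.113.10 and the extra `eq www` entry are hypothetical, and the parser covers only the syntax forms that appear in this list.

```python
# Added example: first-match evaluation of the post's access-list 199 (masked addresses kept as strings).
PORTS = {"domain": 53, "www": 80, "telnet": 23, "ftp-data": 20}

ACL_199 = """\
access-list 199 permit tcp any any established
access-list 199 permit gre any host xxx.xxx.xxx.xx0
access-list 199 permit tcp any host xxx.xxx.xxx.xx0 eq 1723
access-list 199 permit tcp any eq domain any
access-list 199 permit udp any eq domain any
access-list 199 permit icmp any any
access-list 199 permit tcp any eq ftp-data any
access-list 199 permit tcp any host xxx.xxx.xxx.xx9 eq telnet
""".splitlines()

def _endpoint(tok):
    """Consume 'any' | 'host A' plus optional 'eq P'; return (addr, port)."""
    addr = None if tok.pop(0) == "any" else tok.pop(0)
    port = None
    if tok[:1] == ["eq"]:
        port = PORTS.get(tok[1]) or int(tok[1])
        del tok[:2]
    return addr, port

def parse(line):
    tok = line.split()[2:]          # drop 'access-list 199'
    action, proto = tok.pop(0), tok.pop(0)
    src, sport = _endpoint(tok)
    dst, dport = _endpoint(tok)
    return dict(action=action, proto=proto, src=src, sport=sport,
                dst=dst, dport=dport, established="established" in tok)

def evaluate(acl, pkt):
    """Return (action, matching line); a packet matching no entry is denied."""
    for line in acl:
        r = parse(line)
        if any(r[k] is not None and r[k] != pkt.get(k)
               for k in ("proto", "src", "sport", "dst", "dport")):
            continue
        # 'established' matches only TCP segments with ACK or RST set
        if r["established"] and not ({"ack", "rst"} & pkt.get("flags", set())):
            continue
        return r["action"], line
    return "deny", "implicit deny"

# Constructed packet arriving on Serial0.1: a new connection to the web address.
SYN_TO_WEB = dict(proto="tcp", src="203.0.113.10", sport=40000,
                  dst="xxx.xxx.xxx.xx1", dport=80, flags={"syn"})
# Hypothetical extra entry, not in the post: admit only HTTP to that address.
WITH_WWW = ACL_199 + ["access-list 199 permit tcp any host xxx.xxx.xxx.xx1 eq www"]
```

`evaluate(ACL_199, SYN_TO_WEB)` falls through to the implicit deny, while the same packet against `WITH_WWW` matches the added entry and nothing else addressed to xxx.xxx.xxx.xx1 is opened.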
ASKER CERTIFIED SOLUTION
Les Moore
Systems Architect