Nat through DSL Modem-router to Cisco 2621
Posted on 2004-09-06
Ill try to keep it simple and short....
I have 5 static IP address's on my dsl subscription, 69.xxx.xxx.81 thru 69.xxx.xxx.85, the Modem/router is 69.XXX.xxx.86.
Net mask is 255.255.255.248
The int fa0/0 is(outside) 69.xxx.xxx.81 and int fa0/1 my internal network is 172.16.xxx.xxx/16.
I can ping thru the router to the outside, but I can not ping from the modem to the inside.... this is where my woes begin....
I want to be able to set up a web server, a ftp server and an RDP connection for people to hit the server from the outside on ip 69.xxx.xxx.85.
but for some reason unknown to me, I can not get the router (2621) to pass the trafic thru.
I have removed my in bound access-list for trouble shooting purposes, so please dont think Im a fool running wide open....
I have included my sh run and as you can see I would like anyone who hits the 69.xxx.xxx.85 address, depending on port #, to either start an RDP session or Hit the FTP server. I have yet to set the NAT up for the http....I figure Im failing at two, why go for three....
So if you see the mistake that im not, please let me know...
thanks in advance people
ip name-server 184.108.40.206
ip name-server 220.127.116.11
ip address 69.XXX.XXX.81 255.255.255.248
ip access-group 101 in
ip nat outside
no ip mroute-cache
no cdp enable
no ip address
ip address 172.16.1.1 255.255.0.0
ip nat inside
ip default-gateway 69.XXX.XXX.86
ip nat inside source list 2 interface FastEthernet0/0 overload
ip nat inside source static tcp 172.16.10.1 20 69.XXX.XXX.85 20 extendable
ip nat inside source static tcp 172.16.10.1 21 69.XXX.XXX.85 21 extendable
ip nat inside source static tcp 172.16.10.1 3389 69.XXX.XXX.85 3389 extendable
ip route 0.0.0.0 0.0.0.0 18.104.22.168 name DSL-service
ip http server
no ip pim bidir-enable
access-list 2 permit 172.16.0.0 0.0.255.255
access-list 2 permit any
access-list 101 permit tcp any any
access-list 101 permit udp any eq domain any
access-list 101 permit icmp any any
dialer-list 1 protocol ip permit
dialer-list 1 protocol ipx permit