Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Cisco 2600 Port Forwarding Script

Posted on 2004-10-30
5
Medium Priority
?
344 Views
Last Modified: 2011-09-20
Hello,
I have been getting information related to setting up port forwarding on my Cisco 2600 router, but I am still doing something wrong.  I am trying to reach a laptop inside my network from the internet.  I will need to assign about three ports to connect to some instruments controled through the laptop.  I do not want to open up my LAN to the world.  THese are my questions:
1. I have <ip nat inside static source 192.168.0.xx 1000 interface (what do I write here for outside interface?) 1000>.
2. I have <access list 101 deny> on a lot of things, what do I need to change or add to allow access?
3. How do I copy my configurations to be able to paste them on a message like this so you can see my probelms?
Last. To remove a messed up line in the config script, do I type <no (exactly what I have entered including the word extendable at the end)>?
Thanks for the help.
Whit
0
Comment
Question by:DMTCALASKA
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 12454592
1. ip nat inside source static 192.168.0.xx 1000 interface serial0 1000
                                                                                   ^^^ whichever interface you have as "ip nat outside"

2. To change access-lists you need to take several steps.
Step 1, copy your complete acl to notepad
Step 2, remove the acl from the interface
   interface serial 0
     no ip access-group 101 in

Step 3, delete the acl  "no access-list 101"
Step 4, edit the access-list in notepad, be sure your new permit is before any deny that would block it, keeping in mind that it is process top-down.
Step 5, copy / paste the new access-list to the router. In notepad, Edit | select all | copy
 In Hyperterminal, router(config)# <right-click and "paste to host">
Step 6, re-apply the access-list to the interface
   interface serial 0
    ip access-group 101 in
Step 7, save your config.

3. If you're using Hyperterminal, use Transfer | Capture Text (save it as a .txt file wherever you can find it again) | Start
you will capture everything from
    router#show config  
You may have to use spacebar to get the whole thing in the capture file. Once you get back to router# prompt, then you can go back to Transer | Capture text > stop
Now you can open the text file in notepad and cut/paste into the box here.  Else, you can cut/paste in pieces as you advance the config with the spacebar..

3-b. Yes, generally if you want to remove any line, use "no" in front of the exact command.

0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 12454606
If you want to forward TCP port 1000 to 192.168.0.100:

1.  ip nat inside source static tcp 192.168.0.100 1000 interface ethernet0 1000

The outside interface is the interface that has the command "ip nat outside" under it's configuration when you display the running configuration "show run".

2.  Add the following permit to the top of access-list 101:
     access-list 101 permit any any eq 1000

You'll need to copy the existing access-list to notepad, use the command "no access-list 101" to remove the access-list from the router, add the permits to the top of the list in notepad, then copy and paste it again in the router configuration.

3.  Type "show run" from the router# prompt then copy and paste your configuration from your telnet or console session.

Yes, use the no form of the command, "no ip nat inside source static..."

0
 
LVL 79

Expert Comment

by:lrmoore
ID: 12454656
Damn. I missed the "tcp" in my #1. Should be:

    ip nat inside source static tcp 192.168.0.xx 1000 interface serial0 1000
                                         ^^

Great minds, think alike, don't they, Jfrederick29?

0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 12456570
Sure do lrmoore!  Of course, your mind is quite a bit greater than mine but my goal is to be where you are someday :)
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 1500 total points
ID: 13688769
Do you need more information?
Have you resolved this problem?
Can you close this question?
Thanks!
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We've been using the Cisco/Linksys RV042 for years as: - an internet Gateway - a site-to-site VPN device - a leased line site-to-site subnet-to-subnet interface (And, here I'm assuming that any RV0xx behaves the same way as an RV042.  So that's …
The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question