Cisco 2600 Port Forwarding Script

Hello,
I have been getting information related to setting up port forwarding on my Cisco 2600 router, but I am still doing something wrong.  I am trying to reach a laptop inside my network from the internet.  I will need to assign about three ports to connect to some instruments controled through the laptop.  I do not want to open up my LAN to the world.  THese are my questions:
1. I have <ip nat inside static source 192.168.0.xx 1000 interface (what do I write here for outside interface?) 1000>.
2. I have <access list 101 deny> on a lot of things, what do I need to change or add to allow access?
3. How do I copy my configurations to be able to paste them on a message like this so you can see my probelms?
Last. To remove a messed up line in the config script, do I type <no (exactly what I have entered including the word extendable at the end)>?
Thanks for the help.
Whit
DMTCALASKAAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

lrmooreCommented:
1. ip nat inside source static 192.168.0.xx 1000 interface serial0 1000
                                                                                   ^^^ whichever interface you have as "ip nat outside"

2. To change access-lists you need to take several steps.
Step 1, copy your complete acl to notepad
Step 2, remove the acl from the interface
   interface serial 0
     no ip access-group 101 in

Step 3, delete the acl  "no access-list 101"
Step 4, edit the access-list in notepad, be sure your new permit is before any deny that would block it, keeping in mind that it is process top-down.
Step 5, copy / paste the new access-list to the router. In notepad, Edit | select all | copy
 In Hyperterminal, router(config)# <right-click and "paste to host">
Step 6, re-apply the access-list to the interface
   interface serial 0
    ip access-group 101 in
Step 7, save your config.

3. If you're using Hyperterminal, use Transfer | Capture Text (save it as a .txt file wherever you can find it again) | Start
you will capture everything from
    router#show config  
You may have to use spacebar to get the whole thing in the capture file. Once you get back to router# prompt, then you can go back to Transer | Capture text > stop
Now you can open the text file in notepad and cut/paste into the box here.  Else, you can cut/paste in pieces as you advance the config with the spacebar..

3-b. Yes, generally if you want to remove any line, use "no" in front of the exact command.

0
JFrederick29Commented:
If you want to forward TCP port 1000 to 192.168.0.100:

1.  ip nat inside source static tcp 192.168.0.100 1000 interface ethernet0 1000

The outside interface is the interface that has the command "ip nat outside" under it's configuration when you display the running configuration "show run".

2.  Add the following permit to the top of access-list 101:
     access-list 101 permit any any eq 1000

You'll need to copy the existing access-list to notepad, use the command "no access-list 101" to remove the access-list from the router, add the permits to the top of the list in notepad, then copy and paste it again in the router configuration.

3.  Type "show run" from the router# prompt then copy and paste your configuration from your telnet or console session.

Yes, use the no form of the command, "no ip nat inside source static..."

0
lrmooreCommented:
Damn. I missed the "tcp" in my #1. Should be:

    ip nat inside source static tcp 192.168.0.xx 1000 interface serial0 1000
                                         ^^

Great minds, think alike, don't they, Jfrederick29?

0
JFrederick29Commented:
Sure do lrmoore!  Of course, your mind is quite a bit greater than mine but my goal is to be where you are someday :)
0
lrmooreCommented:
Do you need more information?
Have you resolved this problem?
Can you close this question?
Thanks!
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Routers

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.