Solved

cisco port forwarding with nat

Posted on 2007-11-14
4
614 Views
Last Modified: 2008-02-01
I am trying  actually trying to get users from outside my network to be able to connect to a windows vpn server within my network, however i am having problems forwarding the ports.  I have even been testing the port forwarding by forwarding to my webserver  and I still cannot get this to work.  Can i please get some help
here is my config
                 

Current configuration : 3596 bytes                                  
!
version 12.2            
service timestamps debug uptime                              
service timestamps log uptime                                                    
!
                         
memory-size iomem 10                    
ip subnet-zero              
!
!
ip name-server 192.168.1.36                          
ip name-server 192.168.1.34                          
ip name-server 199.45.32.38                        
ip name-server 199.45.32.43                          
!
vpdn enable          
!
vpdn-group toto-vpn                  
! Default PPTP VPDN group                        
 accept-dialin              
  protocol pptp              
  virtual-template 1                    
!
!
call rsvp-sync              
!
!
!
!
!
!
controller T1 3/0                
 framing esf            
 clock source internal                      
 linecode b8zs              
 channel-group 0 timeslots 1-24 speed 64                                        
!
controller T1 3/1                
 framing esf            
 clock source internal                      
 linecode b8zs              
 channel-group 0 timeslots 1-24 speed 64                                        
!
!
!
interface Ethernet0/0                    
 ip address 192.168.1.2 255.255.255.0                                    
 ip nat inside              
 half-duplex            
!
interface Serial0/0                  
 description                      
 ip address 192.168.5.1 255.255.255.0                                    
 ip nat inside              
!
interface Serial0/1                  
 description                      
 ip address 192.168.20.1 255.255.255.0                                      
 ip nat inside              
!
interface Ethernet1/0                    
 no ip address              
 half-duplex            
!
interface Serial1/0                  
 description                            
 ip address 192.168.50.1 255.255.255.0                                      
 ip nat inside              
!
interface Serial1/1                  
   
 ip address 55.555.55.55 255.255.255.252                                        
 ip access-group 105 in                      
 ip nat outside              
 service-module t1 timeslots                            
!
interface FastEthernet3/0                        
 no ip address              
 shutdown        
 duplex auto            
 speed auto          
!
interface Serial3/0:0                    
 ip address 192.168.37.1 255.255.255.0                                      
 ip nat inside              
!
interface Serial3/1:0                    
 ip address 192.168.62.1 255.255.255.0                                      
 ip nat inside              
!
interface Serial3/2                  
 ip address 192.168.72.1 255.255.255.0                                      
 ip nat inside              
!
interface Virtual-Template1                          
 ip unnumbered Ethernet0/0                          
 peer default ip address pool defaultpool                                        
 ppp encrypt mppe auto required                              
 ppp authentication ms-chap                          
!
router rip          
 version 1          
 network 192.168.1.0                    
 network 192          
 network 192.168.20.0                    
 network 192.168.37.0                    
 network 192.168.50.0                    
 network 192.168.62.0                    
 network 192.168.72.0                    
 network 192.168.73.0                    
!
ip local pool defaultpool 192.168.1.200 192.168.1.210                                                    
ip nat inside source list 1 interface Serial1/1 overload                                                        
ip nat inside source static 192.168.1.37 55.555.55.55                                                    
ip classless            
ip route 0.0.0.0 0.0.0.0 55.555.55.59                                  
ip route 192.168.4.0 255.255.255.0 192.168.50.3                                              
ip route 192.168.7.0 255.255.255.0 192.168.5.2                                              
ip route 192.168.10.0 255.255.255.0 192.168.20.2                                                
ip route 192.168.63.0 255.2                        
ip route 192.168.73.0 255.255.255.0 192.168.72.3                                                
no ip http server                
!
access-list 1 permit 192.168.0.0 0.0.0.255                                          
access-list 1 permit 192.168.1.0 0.0.0.255                                          
access-list 1 permit 192.168.5.0 0.0.0.255                                          
access-list 1 permit 192.168.20.0 0.0.0.255                                          
access-list 1 permit 192.168.50.0 0.0.0.255                                          
access-list 1 permit 192.168.4.0 0.0.0.255                                          
access-list 1 permit 192.168.10.0 0.0.0.255                                          
access-list 1 permit 192.168.7.0 0.0.0.255                                          
access-list 1 permit 192.168.37.0 0.0.0.255                                          
access-list 1 permit 192.168.47.0 0.0.0.255                                          
access-list 1 permit 192.168.57.0 0.0.0.255                                          
access-list 1 permit 192.168.62.0 0.0.0.255                                          
access-list 1 permit 192.168.63.0 0.0.0.255                                          
access-list 1 permit 192.168.72.0 0.0.0.255                                          
access-list 1 permit 192.168.73.0 0.0.0.255                                    
access-list 10 permit 199.45.52.0 0.0.3.255
access-list 105 permit tcp any host 55.555.55.5
access-list 105 permit tcp any any established
!
dial-peer cor custom
!
!
!
!
!

!
0
Comment
Question by:cwill78295
  • 2
  • 2
4 Comments
 
LVL 15

Accepted Solution

by:
wingatesl earned 500 total points
ID: 20285737
the static command should be
ip nat inside source static tcp 192.168.1.31 <port> interface serial 1/1 <port>
access-list 105 permit tcp any any eq <port>

or substitute UDP if needed
0
 

Author Comment

by:cwill78295
ID: 20285846
i removed
ip nat inside source static 192.168.1.37 55.555.55.55
and added what you have and still nothing
0
 
LVL 15

Expert Comment

by:wingatesl
ID: 20286212
what port are you trying to forward?
0
 

Author Comment

by:cwill78295
ID: 20312657
actually it worked, thank you!! the person i asked to check the port was a little slow!!
0

Featured Post

Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

Join & Write a Comment

In a WLAN, anything you broadcast over the air can be intercepted.  By default a wireless network is wide open to all until security is configured. Even when security is configured information can still be intercepted! It is very important that you …
New Server 172.16.200.2  was moved from behind Router R2 f0/1 to behind router R1 int f/01 and has now address 172.16.100.2. But we want users still to be able to connected to it by old IP. How to do it ? We can used destination NAT (DNAT).  In DNAT…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now