hstern03
asked on
RDP through NAT on Cisco router and Linksys WRT54G
Hey everyone,
I have a Cisco 2621 router that goes to a Linksys WRT54G and then to a Cisco 2950 switch. I've been looking around and I know you have to put the ip nat inside source static tcp xxxx.xxxx.xxxx.xxxx interface whatever, and then put in the access-list. Did that and it's still not working. I know I'm missing something. Here's my config. Thanks in advance.
!
no aaa new-model
ip subnet-zero
no ip source-route
ip cef
!
!
no ip dhcp conflict logging
!
ip dhcp pool client
network 192.168.255.0 255.255.255.0
default-router 192.168.255.1
dns-server 192.168.1.41 4.2.2.2 4.2.2.3
domain-name henry.local
!
!
!
!
!
!
interface FastEthernet0/0
description WAN
ip address dhcp
no ip unreachables
ip nat outside
no ip mroute-cache
duplex auto
speed auto
no cdp enable
!
interface Serial0/0
no ip address
no ip mroute-cache
shutdown
!
interface FastEthernet0/1
description LAN
ip address 192.168.255.1 255.255.255.0
ip nat inside
no ip mroute-cache
speed auto
full-duplex
no cdp enable
!
ip nat inside source list 10 interface FastEthernet0/0 overload
ip nat inside source static tcp 192.168.1.10 3389 interface FastEthernet0/0 3389
no ip http server
ip classless
ip default-network 192.168.255.0
!
!
access-list 10 permit 192.168.255.0 0.0.0.255
access-list 10 permit 192.168.1.0 0.0.0.255
access-list 120 permit tcp any any eq 3389
access-list 120 permit tcp any any eq www
access-list 120 permit tcp any any eq ftp
access-list 120 permit tcp any any eq 443
access-list 120 permit tcp any any eq 22
access-list 120 permit tcp any any eq smtp
!
line con 0
line aux 0
line vty 0 4
password
login
!
!
end
ASKER
Excuse my ignorance, I'm pretty new to Cisco routers; I got it a couple days ago. What is the ACL for inbound traffic? I thought that's what the ip nat inside source was.
I'm not at home right now so I can't test what you wanted me to. I will tell you I can RDP when it's just the Linksys.
What do you mean, telnet through the router on port 3389?
ASKER
I guess I'm not getting it. Do I forward to my Linksys (that has port forwarding enabled also) that comes right after the Cisco router, or directly to the server I want to have RDP?
What is the ACL I need for incoming requests?
ASKER
Alright, yeah, I don't really have a good reason for having the Linksys WRT54G right after the Cisco. I'm going to remove the Linksys and plug it into my switch and use it as an access point and then see if it works. Both are on NAT and I just was informed that was a bad idea.
So I do... ip nat inside source static tcp (myserver) 3389 interface fastethernet0/0 3389
then do... access-list permit 120 tcp (my server) interface fastethernet0/0 eq 3389
Is this correct? Or do I do 0/1 on the second one?
ASKER
Hey, thanks for the help. I got the RDP working without the Linksys.
What is the ACL for port redirection with a remote desktop? Like, say I wanted to do <my host>:3389,
how would I go about that?
ASKER
Oops, sorry, I meant <my host>:3390
ASKER
Thanks for the help, I appreciate it.
You have already created the ACL. You need to apply it to the correct interface:
conf t
int fa0/0
! bind ACL 120 to traffic arriving on the WAN interface
ip access-group 120 in
end
write mem
Does it work if you plug a PC in next to the 2621 and RDP straight through the Linksys?
IE:
PC -|_____WRT54G---Switch
2621 -|
Can you telnet through the router on port 3389?
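A lint pass over the configuration posted in the question, as an added example that is not part of the original thread. It flags three conditions visible on this page: the static NAT target 192.168.1.10 is not on the router's connected inside subnet (192.168.255.0/24), access-list 120 is defined but never applied, and its RDP entry permits any source. The `audit` function and its finding codes are hypothetical names, and the parser covers only the command forms that appear in this thread.

```python
import ipaddress
# Condensed from the configuration posted in the question above.
CONFIG = """\
interface FastEthernet0/0
 ip address dhcp
 ip nat outside
interface FastEthernet0/1
 ip address 192.168.255.1 255.255.255.0
 ip nat inside
ip nat inside source list 10 interface FastEthernet0/0 overload
ip nat inside source static tcp 192.168.1.10 3389 interface FastEthernet0/0 3389
access-list 10 permit 192.168.255.0 0.0.0.255
access-list 120 permit tcp any any eq 3389
"""

def audit(config):
    """Return (code, detail) findings for an IOS config given as text."""
    nets, inside, defined, used = {}, set(), set(), set()
    targets, findings, iface = [], [], None
    for line in map(str.strip, config.splitlines()):
        w = line.split()
        if line.startswith("interface "):
            iface = w[1]
        elif w[:2] == ["ip", "address"] and len(w) >= 4 and w[2][0].isdigit():
            nets[iface] = ipaddress.ip_network(f"{w[2]}/{w[3]}", strict=False)
        elif line == "ip nat inside":
            inside.add(iface)                   # interface-level NAT role
        elif line.startswith("ip access-group "):
            used.add(w[2])                      # ACL bound to an interface
        elif line.startswith("ip nat inside source list "):
            used.add(w[5])                      # ACL referenced by NAT
        elif line.startswith("ip nat inside source static "):
            # The inside local address follows an optional tcp/udp keyword.
            targets.append(w[6] if w[5] in ("tcp", "udp") else w[5])
        elif line.startswith("access-list "):
            defined.add(w[1])
            if w[2:] == ["permit", "tcp", "any", "any", "eq", "3389"]:
                findings.append(("RDP_OPEN_TO_ANY", f"access-list {w[1]}"))
    inside_nets = [nets[i] for i in inside if i in nets]
    for t in targets:
        if not any(ipaddress.ip_address(t) in n for n in inside_nets):
            findings.append(("NAT_TARGET_NOT_CONNECTED", t))
    for acl in sorted(defined - used):
        findings.append(("ACL_NOT_APPLIED", f"access-list {acl}"))
    return findings

if __name__ == "__main__":
    for code, detail in audit(CONFIG):
        print(f"{code}: {detail}")
```

An ACL bound inbound on the WAN interface ends in an implicit deny, so anything the list does not permit, including replies to connections the LAN opened, is dropped once it is applied.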