Solved

NAT configuration on cisco 1941

Posted on 2011-03-01
5
1,398 Views
Last Modified: 2012-05-11
I am new in cisco, and I have one question about NAT. I have a 1941 router. I need to do port forwarding for TCP 2326-2365 and TCP/UDP 555-5560 from outside 63.100.100.1 to one of our internal server (IP 192.168.0.1). Please help me step by step how to do this. Also is it safe to open TCP/UDP 555-5560? It seems some Trojan are usng those ports. Thank you in advance.
0
Comment
Question by:weikiiro
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 13

Expert Comment

by:GuruChiu
ID: 35013578
You do mean 555-5560, not 5550-5560? The way Cisco implement port forwarding, you have to list the ports one by one. I do not aware a way to port forward a range. That means to forward port 555-5560 you need thousands of line. Pls confirm you indeed want 555 not 5550.
0
 
LVL 15

Expert Comment

by:WalkaboutTigger
ID: 35013665
So, based on the ports, I am presuming you're trying to make a Tandberg Classic Video Conferencing system available on the Internet to outside companies trying to make video calls to your company. (notes from http://www.vsgi.com/support/technical_faq.php)
So the following ports need to be opened in both directions:

TCP 1720
TCP 5555-5560
UDP 2326-2365

What version of the IOS are you running on the 1941?  We can crank out a configuration with explanations for you fairly quickly.
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 35014766
please show the whole config
0
 

Author Comment

by:weikiiro
ID: 35021202
Yes, we are trying to make a tanberg VC system available on the internet. I know how to open signal ports, but how can I open a range of ports?
TCP 1720
TCP 5555-5560
UDP 2326-2365

How can I find out my IOS? Thank you.
0
 
LVL 15

Accepted Solution

by:
WalkaboutTigger earned 500 total points
ID: 35021838
Here are my proposed changes:

name 192.168.0.1 Tandberg-Int
name 63.100.100.1 Tandberg-Ext
object-group service Tandberg-Ext-TCP tcp
 port-object eq h323
 port-object eq sip
 port-object range 5555-5560
object-group service Tandberg-Ext-UDP udp
 port-object eq sip
 port-object range 2326-2365
access-list outside_access_in extended permit udp any host Tandberg-Ext object-group Tandberg-Ext-UDP
access-list outside_access_in extended permit tcp any host Tandberg-Ext object-group Tandberg-Ext-TCP
static (inside,outside) Tandberg-Ext Tandberg-Int netmask 255.255.255.255
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Concerto Cloud Services, a provider of fully managed private, public and hybrid cloud solutions, announced today it was named to the 20 Coolest Cloud Infrastructure Vendors Of The 2017 Cloud  (http://www.concertocloud.com/about/in-the-news/2017/02/0…
During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Suggested Courses
Course of the Month8 days, 1 hour left to enroll

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question