Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1408
  • Last Modified:

NAT configuration on cisco 1941

I am new in cisco, and I have one question about NAT. I have a 1941 router. I need to do port forwarding for TCP 2326-2365 and TCP/UDP 555-5560 from outside 63.100.100.1 to one of our internal server (IP 192.168.0.1). Please help me step by step how to do this. Also is it safe to open TCP/UDP 555-5560? It seems some Trojan are usng those ports. Thank you in advance.
0
weikiiro
Asked:
weikiiro
1 Solution
 
GuruChiuCommented:
You do mean 555-5560, not 5550-5560? The way Cisco implement port forwarding, you have to list the ports one by one. I do not aware a way to port forward a range. That means to forward port 555-5560 you need thousands of line. Pls confirm you indeed want 555 not 5550.
0
 
WalkaboutTiggerCommented:
So, based on the ports, I am presuming you're trying to make a Tandberg Classic Video Conferencing system available on the Internet to outside companies trying to make video calls to your company. (notes from http://www.vsgi.com/support/technical_faq.php)
So the following ports need to be opened in both directions:

TCP 1720
TCP 5555-5560
UDP 2326-2365

What version of the IOS are you running on the 1941?  We can crank out a configuration with explanations for you fairly quickly.
0
 
Istvan KalmarCommented:
please show the whole config
0
 
weikiiroAuthor Commented:
Yes, we are trying to make a tanberg VC system available on the internet. I know how to open signal ports, but how can I open a range of ports?
TCP 1720
TCP 5555-5560
UDP 2326-2365

How can I find out my IOS? Thank you.
0
 
WalkaboutTiggerCommented:
Here are my proposed changes:

name 192.168.0.1 Tandberg-Int
name 63.100.100.1 Tandberg-Ext
object-group service Tandberg-Ext-TCP tcp
 port-object eq h323
 port-object eq sip
 port-object range 5555-5560
object-group service Tandberg-Ext-UDP udp
 port-object eq sip
 port-object range 2326-2365
access-list outside_access_in extended permit udp any host Tandberg-Ext object-group Tandberg-Ext-UDP
access-list outside_access_in extended permit tcp any host Tandberg-Ext object-group Tandberg-Ext-TCP
static (inside,outside) Tandberg-Ext Tandberg-Int netmask 255.255.255.255
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now