Solved

NAT configuration on cisco 1941

Posted on 2011-03-01
5
1,395 Views
Last Modified: 2012-05-11
I am new in cisco, and I have one question about NAT. I have a 1941 router. I need to do port forwarding for TCP 2326-2365 and TCP/UDP 555-5560 from outside 63.100.100.1 to one of our internal server (IP 192.168.0.1). Please help me step by step how to do this. Also is it safe to open TCP/UDP 555-5560? It seems some Trojan are usng those ports. Thank you in advance.
0
Comment
Question by:weikiiro
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 13

Expert Comment

by:GuruChiu
ID: 35013578
You do mean 555-5560, not 5550-5560? The way Cisco implement port forwarding, you have to list the ports one by one. I do not aware a way to port forward a range. That means to forward port 555-5560 you need thousands of line. Pls confirm you indeed want 555 not 5550.
0
 
LVL 15

Expert Comment

by:WalkaboutTigger
ID: 35013665
So, based on the ports, I am presuming you're trying to make a Tandberg Classic Video Conferencing system available on the Internet to outside companies trying to make video calls to your company. (notes from http://www.vsgi.com/support/technical_faq.php)
So the following ports need to be opened in both directions:

TCP 1720
TCP 5555-5560
UDP 2326-2365

What version of the IOS are you running on the 1941?  We can crank out a configuration with explanations for you fairly quickly.
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 35014766
please show the whole config
0
 

Author Comment

by:weikiiro
ID: 35021202
Yes, we are trying to make a tanberg VC system available on the internet. I know how to open signal ports, but how can I open a range of ports?
TCP 1720
TCP 5555-5560
UDP 2326-2365

How can I find out my IOS? Thank you.
0
 
LVL 15

Accepted Solution

by:
WalkaboutTigger earned 500 total points
ID: 35021838
Here are my proposed changes:

name 192.168.0.1 Tandberg-Int
name 63.100.100.1 Tandberg-Ext
object-group service Tandberg-Ext-TCP tcp
 port-object eq h323
 port-object eq sip
 port-object range 5555-5560
object-group service Tandberg-Ext-UDP udp
 port-object eq sip
 port-object range 2326-2365
access-list outside_access_in extended permit udp any host Tandberg-Ext object-group Tandberg-Ext-UDP
access-list outside_access_in extended permit tcp any host Tandberg-Ext object-group Tandberg-Ext-TCP
static (inside,outside) Tandberg-Ext Tandberg-Int netmask 255.255.255.255
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SSH setup on ASA 5505 17 126
Static Route on Cisco ISR 4431's 4 58
Port forwarding on ubuntu 8 46
Cisco Switch slow_Faulty Link 7 57
Skype is a P2P (Peer to Peer) instant messaging and VOIP (Voice over IP) service – as well as a whole lot more.
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question