amanzoor
asked on
Cisco 2911 Access list
Hi I am putting the entry for NAS cisco 324 (ip 10.10.10.80) in the router 2911:
what's up with the routers ACL:
I put
ip nat inside source static 10.10.10.80 X.X.X.X <<<.......Even if I put only this entry it opens up ports 8080,8081, 80 etc
and then under my access-list 101 I put:
permit tcp any host X.X.X.X eq 8080
How to manipulate the entry so that only port 8080 is allowed
NOte: since NAS 324 has its own web server, multimedia server its doing something of its on.
Help
forEEpuposesAccesslistNewFeb2011.txt
what's up with the routers ACL:
I put
ip nat inside source static 10.10.10.80 X.X.X.X <<<.......Even if I put only this entry it opens up ports 8080,8081, 80 etc
and then under my access-list 101 I put:
permit tcp any host X.X.X.X eq 8080
How to manipulate the entry so that only port 8080 is allowed
NOte: since NAS 324 has its own web server, multimedia server its doing something of its on.
Help
forEEpuposesAccesslistNewFeb2011.txt
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
for the first option, you check it is in the config (and make sure you have removed the other nat config line relating to that ip) then see if you can do anything other than 8080
you can do the following command
show ip nat translations
but this will give you massive output and will probably not be of much use in a live environment, There are some other options you can add to that command but i don't remember them off the top of my head. type ? to get a list of options as you are typing the command
you can do the following command
show ip nat translations
but this will give you massive output and will probably not be of much use in a live environment, There are some other options you can add to that command but i don't remember them off the top of my head. type ? to get a list of options as you are typing the command
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
THanks guys for the suggestions, I really appreciate your time.
I opted for option 2: and it worked falwless.
I opted for option 2: and it worked falwless.
ASKER
through which command I can actually see if my applied settings for this particular ip have been applied and working? I have just applied your first suggested option. I need to find out if it actually is working on the router .
Help