Solved

Cisco 1811 router Port forwarding

Posted on 2013-01-31
12
238 Views
Last Modified: 2014-11-15
Hello experts,

I have a cisco 1811 that I need to simply add a port forward to it to a server on the other side. I am not good with commands in cisco so a walk thru to add the ports would be much appreciated. I also have access to the CCP software to do it that way as well. thanks so much and let me know if you need anymore info.
0
Comment
Question by:kjamez
  • 4
  • 3
  • 2
  • +1
12 Comments
 
LVL 20

Expert Comment

by:rauenpc
ID: 38842381
0
 

Expert Comment

by:gaurav_mcp
ID: 38842470
ok

this is very simple
first define NAT inside and NAT outside on port
then you can define nat by this command
for example you want to send http request on port 8080 rather then port 80 from you internal user,and your user ip is 172.16.10.8
ip nat inside source static tcp 172.16.10.8 80 172.16.10.8 8080
0
 
LVL 9

Expert Comment

by:Sandeep Gupta
ID: 38842700
don't forget to do:

ip forward-protocol nd
0
 

Author Comment

by:kjamez
ID: 38843515
thanks for the responses.

Do I run this command at the first prompt when I telnet into the router?  Thanks
0
 

Author Comment

by:kjamez
ID: 38843661
Let me be more descriptive. I need to forward port 3389 from the internet to an inside source listening on 3389. The cisco interface is fastethernet 1. I telneted to the router and logged in. I am at a cisco1811# prompt. What commands do I need to do?

I tried doing the above but still doesnt work. I may have done something wrong. Thanks again
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 9

Expert Comment

by:Sandeep Gupta
ID: 38843930
you need to define ACL for doing it so like this

ip access-list 100 permit ip any eq 3389 any eq 3389

then apply acl 100 to your desired interface.
0
 
LVL 20

Expert Comment

by:rauenpc
ID: 38844245
So that we can be more precise, post the router config but remove identifying information like usernames/passwords and full public ip addresses.
0
 

Author Comment

by:kjamez
ID: 38845955
Here is my config. thanks

Building configuration...

Current configuration : 38945 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname Cisco1811
!
boot-start-marker
boot system flash:c181x-advipservicesk9-mz.124-24.T.bin
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging message-counter syslog
logging buffered 99999
no logging console
enable secret 5 $1$p1aJ$ce/t5Syl7lEp6SbrPJ775/
!
aaa new-model
!
!
aaa authentication login local_authen local
aaa authentication login ciscocp_vpn_xauth_ml_1 local
aaa authentication login ciscocp_vpn_xauth_ml_2 local
aaa authorization exec local_author local
aaa authorization network ciscocp_vpn_group_ml_1 local
aaa authorization network ciscocp_vpn_group_ml_2 local
!
!
aaa session-id common
clock timezone PCTime -6
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
!
crypto pki trustpoint TP-self-signed-3540080443
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3540080443
 revocation-check none
 rsakeypair TP-self-signed-3540080443
!
!
crypto pki certificate chain TP-self-signed-3540080443
 certificate self-signed 01
  30820253 308201BC A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 33353430 30383034 3433301E 170D3038 31303139 31333037
  33325A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 35343030
  38303434 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100E123 303C9EDE F67626FB BF1FB27C 168450EE F0C43AE4 BFDD9E9E D7B0FD3F
  BE321D30 723BE3ED 416FB57C 8A381366 8B6994FB B6F10D43 9F89D86A 33E5292D
  60B20122 4BBA56C8 39DF5996 C4D00493 07A44568 C9F9BF3D 5281E4CC 967D62EB
  273C4E88 65B1112C 92BE8A61 9BC2A259 6AA7DD1F 5AE6B0C2 A903505D F77A2177
  89CF0203 010001A3 7B307930 0F060355 1D130101 FF040530 030101FF 30260603
  551D1104 1F301D82 1B436973 636F3138 31312E62 65727279 61766961 74696F6E
  2E636F6D 301F0603 551D2304 18301680 14A39EE7 A3F52660 E23FED50 CDD29C8E
  28A8AA5A F7301D06 03551D0E 04160414 A39EE7A3 F52660E2 3FED50CD D29C8E28
  A8AA5AF7 300D0609 2A864886 F70D0101 04050003 8181008C 5E9815BA B2DDA643
  23A5A45F 4690C35B D21767E8 FB5C62A9 8D0C1BEC 9C598B10 C9370926 02F331C6
  6BC0D1E5 EAFE88C7 4CE27F21 723F49B7 B924DD07 2C0007F5 36D0BD2A 01BE7F44
  C81AB6AD 2AF7D9B1 CFD27A18 D966B6D2 B60E12F7 67F5A31B 015A091C C5FA21AB
  9E841D7C 6DA4F8D2 1E70A4C6 C9BE6817 3D252FCA 34DE77
        quit
dot11 syslog
no ip source-route
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.1.2.1 10.1.2.49
ip dhcp excluded-address 10.1.2.225 10.1.2.254
!
ip dhcp pool VLan2
   import all
   network 10.1.2.0 255.255.255.0
   domain-name mydomain.com
   dns-server 24.93.40.62 24.93.40.63
   default-router 10.1.2.1
!
!
ip cef
no ip bootp server
ip domain name mydomain.com
ip name-server 10.1.1.15
ip inspect name DEFAULT100 cuseeme
ip inspect name DEFAULT100 ftp
ip inspect name DEFAULT100 h323
ip inspect name DEFAULT100 icmp
ip inspect name DEFAULT100 netshow
ip inspect name DEFAULT100 rcmd
ip inspect name DEFAULT100 realaudio
ip inspect name DEFAULT100 rtsp
ip inspect name DEFAULT100 esmtp
ip inspect name DEFAULT100 sqlnet
ip inspect name DEFAULT100 streamworks
ip inspect name DEFAULT100 tftp
ip inspect name DEFAULT100 tcp
ip inspect name DEFAULT100 udp
ip inspect name DEFAULT100 vdolive
ip inspect name SDM_LOW cuseeme
ip inspect name SDM_LOW dns
ip inspect name SDM_LOW ftp
ip inspect name SDM_LOW h323
ip inspect name SDM_LOW https
ip inspect name SDM_LOW icmp
ip inspect name SDM_LOW imap
ip inspect name SDM_LOW pop3
ip inspect name SDM_LOW netshow
ip inspect name SDM_LOW rcmd
ip inspect name SDM_LOW realaudio
ip inspect name SDM_LOW rtsp
ip inspect name SDM_LOW esmtp
ip inspect name SDM_LOW sqlnet
ip inspect name SDM_LOW streamworks
ip inspect name SDM_LOW tftp
ip inspect name SDM_LOW tcp
ip inspect name SDM_LOW udp
ip inspect name SDM_LOW vdolive
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
username admin privilege 15 secret 5 $1$H.cL$WINBEp3w2v7jne0qePSRz/
username bagram password 7 121B000500125D
!
!
crypto isakmp policy 1
 authentication pre-share
!
crypto isakmp policy 2
 encr 3des
 authentication pre-share
 group 2
!
crypto isakmp policy 3
 authentication pre-share
 group 2
!
crypto isakmp policy 4
 authentication pre-share
!
crypto isakmp client configuration group ba_vpn
 key password
 pool SDM_POOL_1
 netmask 255.255.255.0
!
crypto isakmp client configuration group ba_vpn2
 key password
 pool SDM_POOL_1
 acl 111
 netmask 255.255.255.0
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac
crypto ipsec transform-set myset esp-3des esp-md5-hmac
!
crypto ipsec profile CiscoCP_Profile1
 set transform-set ESP-3DES-SHA
!
crypto ipsec profile CiscoCP_Profile2
 set transform-set ESP-3DES-SHA1
!
!
crypto dynamic-map dynmap 10
 set transform-set myset
 reverse-route remote-peer X.X.197.97
!
!
crypto map clientmap client authentication list ciscocp_vpn_xauth_ml_1
crypto map clientmap isakmp authorization list ciscocp_vpn_group_ml_1
crypto map clientmap client configuration address respond
crypto map clientmap 10 ipsec-isakmp dynamic dynmap
!
archive
 log config
  hidekeys
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
!
interface Null0
 no ip unreachables
!
interface FastEthernet0
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip flow ingress
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet1
 description $ES_WAN$$ETH-WAN$$FW_OUTSIDE$
 ip address X.X.197.100 255.255.255.248
 ip access-group 105 in
 ip verify unicast reverse-path
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip flow ingress
 ip nat outside
 ip inspect SDM_LOW out
 ip virtual-reassembly
 duplex auto
 speed auto
 snmp trap ip verify drop-rate
 crypto map clientmap
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
 switchport access vlan 2
!
interface FastEthernet9
 switchport mode trunk
!
interface Virtual-Template1 type tunnel
 ip unnumbered FastEthernet1
 shutdown
 tunnel mode ipsec ipv4
 tunnel protection ipsec profile CiscoCP_Profile1
!
interface Virtual-Template2 type tunnel
 ip unnumbered FastEthernet1
 shutdown
 tunnel mode ipsec ipv4
 tunnel protection ipsec profile CiscoCP_Profile2
!
interface Vlan1
 description $ETH-SW-LAUNCH$$INTF-INFO-FE 2$$ES_LAN$$FW_INSIDE$
 ip address 10.1.1.3 255.255.255.0
 ip access-group 103 in
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip flow ingress
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1452
!
interface Vlan2
 ip address 10.1.2.1 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip flow ingress
 ip nat inside
 ip virtual-reassembly
!
interface Async1
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 encapsulation slip
!
ip local pool SDM_POOL_2 10.1.1.175 10.1.1.180
ip local pool SDM_POOL_1 10.1.3.1 10.1.3.100
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 X.X.197.97
ip http server
ip http access-class 5
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip nat inside source list 110 interface FastEthernet1 overload
ip nat inside source static tcp 10.1.1.11 3389 10.1.1.11 3389 extendable
ip nat inside source static tcp 10.1.1.12 1521 X.X.197.100 1521 route-map SDM_RMAP_4 extendable
ip nat inside source static tcp 10.1.1.12 1522 X.X.197.100 1522 route-map SDM_RMAP_3 extendable
ip nat inside source static tcp 10.1.1.12 1526 X.X.197.100 1526 route-map SDM_RMAP_2 extendable
ip nat inside source static tcp 10.1.1.11 3389 X.X.197.100 3389 route-map SDM_RMAP_5 extendable
!
ip access-list extended sdm_fastethernet1_out
 remark CCP_ACL Category=1
 permit tcp any any
!
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 10.1.1.0 0.0.0.255
access-list 2 remark SDM_ACL Category=2
access-list 2 permit 10.1.2.0 0.0.0.255
access-list 3 remark SDM_ACL Category=2
access-list 3 permit 10.1.1.0 0.0.0.255
access-list 4 remark SDM_ACL Category=2
access-list 4 permit 10.1.2.0 0.0.0.255
access-list 5 remark HTTP Access-class list
access-list 5 remark SDM_ACL Category=1
access-list 5 permit 10.1.1.0 0.0.0.255
access-list 5 deny   any
access-list 100 remark auto generated by Cisco SDM Express firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 deny   ip X.X.197.0 0.0.0.255 any
access-list 100 deny   ip host 255.255.255.255 any
access-list 100 deny   ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 remark auto generated by Cisco SDM Express firewall configuration
access-list 101 remark SDM_ACL Category=1
access-list 101 permit udp host 24.93.41.126 eq domain host X.X.197.100
access-list 101 permit udp host 24.93.41.125 eq domain host X.X.197.100
access-list 101 permit tcp any host X.X.197.100 eq 1723
access-list 101 permit tcp any host X.X.197.100 eq smtp
access-list 101 permit tcp any host X.X.197.100 eq www
access-list 101 permit tcp any host X.X.197.100 eq pop3
access-list 101 permit tcp any host X.X.197.100 eq 1521
access-list 101 permit tcp any host X.X.197.100 eq 1522
access-list 101 permit tcp any host X.X.197.100 eq 1526
access-list 101 permit tcp any host X.X.197.100 eq 3389
access-list 101 permit tcp any host X.X.197.100 eq 5631
access-list 101 permit tcp any host X.X.197.100 eq 5641
access-list 101 permit udp any host X.X.197.100 eq 5642
access-list 101 permit udp any host X.X.197.100 eq 5632
access-list 101 permit tcp any host X.X.197.101 eq 3389
access-list 101 permit tcp any host X.X.197.101 eq 5631
access-list 101 permit udp any host X.X.197.101 eq 5632
access-list 101 deny   ip 10.1.1.0 0.0.0.255 any
access-list 101 permit icmp any host X.X.197.100 echo-reply
access-list 101 permit icmp any host X.X.197.100 time-exceeded
access-list 101 permit icmp any host X.X.197.100 unreachable
access-list 102 remark VTY Access-class list
access-list 102 remark SDM_ACL Category=1
access-list 102 permit ip 10.1.1.0 0.0.0.255 any
access-list 102 deny   ip any any
access-list 103 remark auto generated by SDM firewall configuration
access-list 103 remark CCP_ACL Category=1
access-list 103 permit udp any range 49152 53247 any range 49152 53247
access-list 103 permit tcp any range 1719 1720 any range 1719 1720
access-list 103 deny   ip X.X.197.96 0.0.0.7 any
access-list 103 deny   ip host 255.255.255.255 any
access-list 103 deny   ip 127.0.0.0 0.255.255.255 any
access-list 103 permit ip any any
access-list 104 remark auto generated by SDM firewall configuration
access-list 104 remark SDM_ACL Category=1
access-list 104 permit udp any host X.X.197.101 eq 5632
access-list 104 permit tcp any host X.X.197.101 eq 5631
access-list 104 permit tcp any host X.X.197.101 eq 3389
access-list 104 permit udp any host X.X.197.100 eq 5642
access-list 104 permit tcp any host X.X.197.100 eq 5641
access-list 104 permit udp any host X.X.197.100 eq 5632
access-list 104 permit tcp any host X.X.197.100 eq 5631
access-list 104 permit tcp any host X.X.197.100 eq 3389
access-list 104 permit tcp any host X.X.197.100 eq 1723
access-list 104 permit tcp any host X.X.197.100 eq 1526
access-list 104 permit tcp any host X.X.197.100 eq 1522
access-list 104 permit tcp any host X.X.197.100 eq 1521
access-list 104 permit tcp any host X.X.197.100 eq pop3
access-list 104 permit tcp any host X.X.197.100 eq www
access-list 104 permit tcp any host X.X.197.100 eq smtp
access-list 104 deny   ip 10.1.1.0 0.0.0.255 any
access-list 104 permit icmp any host X.X.197.100 echo-reply
access-list 104 permit icmp any host X.X.197.100 time-exceeded
access-list 104 permit icmp any host X.X.197.100 unreachable
access-list 104 deny   ip 10.0.0.0 0.255.255.255 any
access-list 104 deny   ip 172.16.0.0 0.15.255.255 any
access-list 104 deny   ip 192.168.0.0 0.0.255.255 any
access-list 104 deny   ip 127.0.0.0 0.255.255.255 any
access-list 104 deny   ip host 255.255.255.255 any
access-list 104 deny   ip host 0.0.0.0 any
access-list 104 deny   ip any any log
access-list 105 remark auto generated by SDM firewall configuration
access-list 105 remark CCP_ACL Category=1
access-list 105 permit udp any host X.X.197.100 eq non500-isakmp
access-list 105 permit udp any host X.X.197.100 eq isakmp
access-list 105 permit udp any range 49152 53247 any range 49152 53247
access-list 105 permit tcp any range 1719 1720 any range 1719 1720
access-list 105 permit esp any host X.X.197.100
access-list 105 permit ahp any host X.X.197.100
access-list 105 permit udp any host X.X.197.101 eq 5632
access-list 105 permit tcp any host X.X.197.101 eq 5631
access-list 105 permit tcp any host X.X.197.101 eq 3389
access-list 105 permit udp any host X.X.197.100 eq 5642
access-list 105 permit tcp any host X.X.197.100 eq 5641
access-list 105 permit udp any host X.X.197.100 eq 5632
access-list 105 permit tcp any host X.X.197.100 eq 5631
access-list 105 permit tcp any host X.X.197.100 eq 3389
access-list 105 permit tcp any host X.X.197.100 eq 1723
access-list 105 permit tcp any host X.X.197.100 eq 1526
access-list 105 permit tcp any host X.X.197.100 eq 1522
access-list 105 permit tcp any host X.X.197.100 eq 1521
access-list 105 permit tcp any host X.X.197.100 eq pop3
access-list 105 permit tcp any host X.X.197.100 eq smtp
access-list 105 deny   ip 10.1.1.0 0.0.0.255 any
access-list 105 permit icmp any host X.X.197.100 echo-reply
access-list 105 permit icmp any host X.X.197.100 time-exceeded
access-list 105 permit icmp any host X.X.197.100 unreachable
access-list 105 deny   ip 10.0.0.0 0.255.255.255 any
access-list 105 deny   ip 172.16.0.0 0.15.255.255 any
access-list 105 deny   ip 192.168.0.0 0.0.255.255 any
access-list 105 deny   ip 127.0.0.0 0.255.255.255 any
access-list 105 deny   ip host 255.255.255.255 any
access-list 105 deny   ip host 0.0.0.0 any
access-list 105 deny   ip any any log
access-list 106 remark CCP_ACL Category=4
access-list 106 permit ip 10.1.1.0 0.0.0.255 any
access-list 106 permit ip 10.1.2.0 0.0.0.255 any
access-list 107 remark CCP_ACL Category=2
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.100
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.99
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.98
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.97
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.96
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.95
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.94
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.93
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.92
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.91
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.90
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.89
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.88
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.87
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.86
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.85
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.84
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.83
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.82
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.81
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.80
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.79
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.78
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.77
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.76
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.75
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.74
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.73
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.72
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.71
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.70
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.69
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.68
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.67
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.66
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.65
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.64
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.63
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.62
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.61
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.60
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.59
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.58
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.57
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.56
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.55
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.54
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.53
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.52
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.51
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.50
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.49
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.48
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.47
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.46
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.45
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.44
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.43
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.42
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.41
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.40
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.39
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.38
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.37
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.36
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.35
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.34
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.33
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.32
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.31
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.30
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.29
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.28
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.27
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.26
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.25
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.24
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.23
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.22
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.21
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.20
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.19
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.18
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.17
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.16
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.15
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.14
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.13
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.12
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.11
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.10
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.9
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.8
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.7
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.6
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.5
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.4
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.3
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.2
access-list 107 deny   ip host 10.1.1.12 host 10.1.3.1
access-list 107 permit tcp host 10.1.1.12 eq 1526 any
access-list 108 remark CCP_ACL Category=2
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.100
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.99
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.98
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.97
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.96
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.95
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.94
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.93
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.92
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.91
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.90
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.89
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.88
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.87
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.86
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.85
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.84
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.83
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.82
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.81
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.80
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.79
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.78
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.77
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.76
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.75
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.74
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.73
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.72
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.71
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.70
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.69
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.68
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.67
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.66
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.65
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.64
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.63
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.62
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.61
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.60
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.59
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.58
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.57
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.56
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.55
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.54
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.53
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.52
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.51
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.50
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.49
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.48
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.47
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.46
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.45
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.44
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.43
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.42
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.41
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.40
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.39
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.38
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.37
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.36
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.35
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.34
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.33
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.32
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.31
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.30
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.29
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.28
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.27
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.26
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.25
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.24
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.23
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.22
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.21
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.20
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.19
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.18
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.17
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.16
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.15
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.14
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.13
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.12
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.11
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.10
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.9
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.8
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.7
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.6
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.5
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.4
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.3
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.2
access-list 108 deny   ip host 10.1.1.12 host 10.1.3.1
access-list 108 permit tcp host 10.1.1.12 eq 1522 any
access-list 109 remark CCP_ACL Category=2
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.100
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.99
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.98
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.97
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.96
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.95
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.94
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.93
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.92
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.91
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.90
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.89
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.88
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.87
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.86
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.85
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.84
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.83
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.82
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.81
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.80
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.79
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.78
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.77
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.76
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.75
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.74
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.73
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.72
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.71
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.70
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.69
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.68
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.67
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.66
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.65
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.64
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.63
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.62
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.61
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.60
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.59
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.58
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.57
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.56
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.55
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.54
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.53
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.52
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.51
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.50
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.49
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.48
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.47
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.46
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.45
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.44
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.43
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.42
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.41
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.40
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.39
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.38
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.37
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.36
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.35
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.34
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.33
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.32
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.31
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.30
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.29
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.28
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.27
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.26
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.25
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.24
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.23
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.22
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.21
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.20
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.19
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.18
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.17
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.16
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.15
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.14
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.13
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.12
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.11
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.10
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.9
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.8
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.7
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.6
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.5
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.4
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.3
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.2
access-list 109 deny   ip host 10.1.1.12 host 10.1.3.1
access-list 109 permit tcp host 10.1.1.12 eq 1521 any
access-list 110 deny   ip 10.1.2.0 0.0.0.255 10.1.3.0 0.0.0.255
access-list 110 deny   ip 10.1.1.0 0.0.0.255 10.1.3.0 0.0.0.255
access-list 110 permit ip 10.1.1.0 0.0.0.255 any
access-list 110 permit ip 10.1.2.0 0.0.0.255 any
access-list 110 deny   ip host 10.1.1.11 any
access-list 110 deny   tcp host 10.1.1.12 eq 1526 any
access-list 110 deny   tcp host 10.1.1.12 eq 1522 any
access-list 110 deny   tcp host 10.1.1.12 eq 1521 any
access-list 110 deny   tcp host 10.1.1.11 eq 3389 any
access-list 111 permit ip 10.1.1.0 0.0.0.255 any
access-list 111 permit ip 10.1.2.0 0.0.0.255 any
access-list 112 remark CCP_ACL Category=2
access-list 112 permit tcp host 10.1.1.11 eq 3389 any
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.100
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.99
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.98
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.97
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.96
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.95
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.94
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.93
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.92
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.91
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.90
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.89
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.88
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.87
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.86
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.85
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.84
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.83
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.82
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.81
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.80
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.79
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.78
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.77
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.76
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.75
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.74
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.73
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.72
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.71
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.70
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.69
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.68
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.67
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.66
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.65
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.64
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.63
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.62
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.61
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.60
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.59
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.58
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.57
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.56
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.55
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.54
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.53
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.52
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.51
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.50
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.49
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.48
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.47
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.46
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.45
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.44
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.43
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.42
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.41
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.40
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.39
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.38
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.37
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.36
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.35
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.34
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.33
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.32
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.31
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.30
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.29
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.28
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.27
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.26
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.25
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.24
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.23
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.22
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.21
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.20
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.19
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.18
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.17
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.16
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.15
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.14
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.13
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.12
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.11
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.10
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.9
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.8
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.7
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.6
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.5
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.4
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.3
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.2
access-list 112 deny   ip host 10.1.1.11 host 10.1.3.1
access-list 112 permit ip host 10.1.1.11 any
no cdp run

!
!
!
!
route-map SDM_RMAP_4 permit 1
 match ip address 109
!
route-map SDM_RMAP_5 permit 1
 match ip address 112
!
route-map SDM_RMAP_2 permit 1
 match ip address 107
!
route-map SDM_RMAP_3 permit 1
 match ip address 108
!
!
!
control-plane
!
banner login ^CAuthorized access only!
 Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
 login authentication local_authen
 transport output telnet
line 1
 modem InOut
 stopbits 1
 speed 115200
 flowcontrol hardware
line aux 0
 login authentication local_authen
 transport output telnet
line vty 0 4
 access-class 102 in
 authorization exec local_author
 login authentication local_authen
 transport input telnet ssh
line vty 5 15
 access-class 102 in
 authorization exec local_author
 login authentication local_authen
 transport input telnet ssh
!
scheduler interval 500
!
webvpn context Default_context
 ssl authenticate verify all
 !
 no inservice
!
end
0
 

Author Comment

by:kjamez
ID: 38845968
The IP address 10.1.1.11 is the local address I need for 3389.
0
 
LVL 9

Accepted Solution

by:
Sandeep Gupta earned 500 total points
ID: 38858458
"Let me be more descriptive. I need to forward port 3389 from the internet to an inside source listening on 3389. The cisco interface is fastethernet 1. I telneted to the router and logged in. I am at a cisco1811# prompt. What commands do I need to do? "

you need to add follwoing line in acl 105

permit ip any eq 3389 host 10.1.1.11 eq 3389

"Do I run this command at the first prompt when I telnet into the router?  "

router(config)#ip forward-protocol nd

Also I don't like irregular ACL...in your acls you have done perimt, deny permit ..deny..
 
good practice is first do permit in your acl whatever you  want and then deny all.
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Join & Write a Comment

Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now