Remote logon

Hi,

Having just got my cisco 877VA router up and running I have now noticed that a day or two later when being away from home everything locally seems to work fine but I have a network aquarium controller for my tank that I can log on to remotely to check the parameters and alter several devices on my aquarium, I can't seem to see my aquarium controller externally i.e. from the internet I can usually check this on my ipad when I work away but I don't seem to see it now although it's still there locally.
I have checked all I.P. addresses and I've checked that I can see port 80 and can ping cannonz.dyndns.org which I can, it previously worked before I upgraded to my new cisco router.
Could someone please help me as what could be wrong.
Craig WalkerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Craig BeckCommented:
Please post the config (but remove usernames/passwords and any other info which could identify you).

Also just check that the controller has the correct subnet mask and gateway address.
0
Craig WalkerAuthor Commented:
Hi,

I have already checked subnet & gateway on the controller and that's fine I can still connect locally fine to it.

Here is my config and know there is probably more in here than I need but i'm unsure how to remove it in case I screw up my working config.

--------------------------------
aaa session-id common
!
memory-size iomem 10
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-3233774123
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3233774123
 revocation-check none
 rsakeypair TP-self-signed-3233774123
!
!
crypto pki certificate chain TP-self-signed-3233774123
 certificate self-signed 01
  3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 33323333 37373431 3233301E 170D3133 30393137 31333338
  30345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 32333337
  37343132 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100B254 C04208D2 ABF68D18 5B77C54E 7AE24FE2 6493A65E 3D67BDFA AC05CAAD
  2209BE2E DC621CE2 5682517E 3CA06F61 0C0FC713 2C0F84D8 FEBBF5CC 81A6EF17
  B768E110 C5FC6FB2 2750875C 7203BC16 39335314 CCF32034 5E042C2C 15F03FF1
  1BDF97A0 DBA757F9 42783E39 6AF59906 ACA416B4 3EC1E4D5 C935799B 9167D1FC
  AB850203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
  551D2304 18301680 1403A635 385A6809 603E2C4A FF6F439B 6995E393 A2301D06
  03551D0E 04160414 03A63538 5A680960 3E2C4AFF 6F439B69 95E393A2 300D0609
  2A864886 F70D0101 05050003 81810073 3157A85E 120A5B1D 6C25453C 0DFB0F82
  9156EFF7 64E1A26B 4675C488 EF291E25 6C6C25CB 8CA95AB1 1FF6C2EB C12636D7
  50E2B83C A87225B3 87AC7CE1 679B1801 49E4B859 4BED67E2 6783EFB6 A50CC616
  C32228AD 625331FD 85361CEC 11E196E9 26D9638E 98D3235A 9D425AE8 1F06FEE0
  D332ED58 E0504C61 03F8939E 1EEF55
        quit
ip source-route
!
!
!
ip dhcp excluded-address 192.168.1.1 192.168.1.99
ip dhcp excluded-address 192.168.2.1 192.168.2.99
!
ip dhcp pool VLAN10
 import all
 network 192.168.1.0 255.255.255.0
 default-router 192.168.1.1
 domain-name cannonz.dyndns.org
 dns-server 208.67.220.220
 lease 4
!
ip dhcp pool VLAN20
 import all
 network 192.168.2.0 255.255.255.0
 default-router 192.168.2.1
 domain-name cannonz.dyndns.org
 lease 4
!
!
ip cef
ip name-server 208.67.222.222
ip name-server 208.67.220.220
ip inspect name MYFW tcp
ip inspect name MYFW udp
no ipv6 cef
!
!
multilink bundle-name authenticated
vpdn enable
!
license udi pid CISCO887VA-SEC-K9 sn FCZ160592RB
!
!
username sysop privilege 15 password 7 08254E455D4C5D14
!
!
!
!
controller VDSL 0
!
!
!
!
bridge irb
!
!
!
!
interface Ethernet0
 no ip address
 shutdown
 no fair-queue
!
interface ATM0
 no ip address
 no atm ilmi-keepalive
!
interface ATM0.1 point-to-point
 description $ES_WAN$
 pvc 0/38
  encapsulation aal5mux ppp dialer
  dialer pool-member 2
 !
!
interface FastEthernet0
 switchport access vlan 20
 no ip address
 spanning-tree portfast
!
interface FastEthernet1
 switchport access vlan 10
 no ip address
 spanning-tree portfast
!
interface FastEthernet2
 switchport access vlan 10
 no ip address
 spanning-tree portfast
!
interface FastEthernet3
 no ip address
 pppoe-client dial-pool-number 1
 no cdp enable
!
interface Vlan1
 ip address 192.168.3.1 255.255.255.0
!
interface Vlan10
 description Internal Network
 no ip address
 ip nat inside
 ip virtual-reassembly in
 bridge-group 10
 bridge-group 10 spanning-disabled
!
interface Vlan20
 description Guest Network
 no ip address
 ip nat inside
 ip virtual-reassembly in
 bridge-group 20
 bridge-group 20 spanning-disabled
!
interface Dialer0
 ip address negotiated
 ip nat outside
 ip virtual-reassembly in
 encapsulation ppp
 dialer pool 2
 dialer-group 2
 ppp authentication chap pap callin
 ppp chap hostname ***********************
 ppp chap password 7 045A09055E731F
 ppp pap sent-username bthomehub@btbroadband.com password 7 00051105550958
!
interface Dialer1
 ip address negotiated
 ip access-group Internet-inbound-ACL in
 ip inspect MYFW out
 ip virtual-reassembly in
 encapsulation ppp
 ip tcp adjust-mss 1452
 dialer pool 1
 dialer-group 1
 ppp authentication pap callin
 ppp pap sent-username ************************* password 7 141610085D5679
 ppp ipcp dns request
 ppp ipcp address accept
!
interface BVI10
 description Bridge to Internal Network
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
interface BVI20
 description Bridge to Guest Network
 ip address 192.168.2.1 255.255.255.0
 ip access-group Guest-ACL in
 ip nat inside
 ip virtual-reassembly in
!
ip forward-protocol nd
ip http server
ip http secure-server
!
!
ip nat inside source list 1 interface Dialer0 overload
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip access-list extended Guest-ACL
 deny   ip any 192.168.1.0 0.0.0.255
 permit ip any any
ip access-list extended Internet-inbound-ACL
 permit udp any eq bootps any eq bootpc
 permit icmp any any echo
 permit icmp any any echo-reply
 permit icmp any any traceroute
 permit gre any any
 permit esp any any
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 permit 192.168.2.0 0.0.0.255
dialer-list 1 protocol ip list 1
dialer-list 2 protocol ip permit
!
!
!
!
!
!
!
control-plane
!
bridge 10 route ip
bridge 20 route ip
!
line con 0
 password 7 09484C024D504F11
line aux 0
line vty 0 4
 password 7 070B23471A5C4106
 transport input all
!
end
0
Craig BeckCommented:
There's a lot of stuff in there you don't need.  I don't understand why you've got 2 dialer interfaces, or why you're bridging your interfaces - you shouldn't need to do any of that.

Anyhow, the config you posted has no nat statement to allow access to the controller from the internet.  Let's assume the controller is using 192.168.1.10 on port 80.

ip nat inside source tcp 192.168.1.10 80 interface dialer0 80
0
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

Craig WalkerAuthor Commented:
Excuse my lack of cisco skills I'm only just feeling my way around CLI and i'm unsure of what I don't need other than typing no before the command I have to remove but I don't know which ones I don't need.
I basically just need one port with internet access and the rest can go if you can advise me what's not needed then I will remove those.
I have tried to add this command that you have highlighted but is won't seem to accept it I am doing something wrong or do I need to add this in a sub directory.?

conf t

ip nat inside source tcp 192.168.1.140 80 interface dialer0 80
0
Craig BeckCommented:
Oops my mistake...

ip nat inside source static tcp 192.168.1.140 80 interface dialer0 80

Try that and I'll give you a cleaner config :-)
0
Craig WalkerAuthor Commented:
Cheers that's it in test and working now :)

a cleaner config would be great
0
Craig WalkerAuthor Commented:
Hi,

Everything appears to be working now.
I would appreciate if you could give me a cleaner config as I have still to setup my Asa 5505 firewall and everytime I try it doesn't appear to work and I'm not sure if it is all that extra stuff I don't need in my router config that's causing it though.

Thanks
0
Craig BeckCommented:
Ok here's a cleaner config.  It should work exactly the same as what you have now, just with some unnecessary bits removed.

crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-3233774123
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3233774123
 revocation-check none
 rsakeypair TP-self-signed-3233774123
!
!
crypto pki certificate chain TP-self-signed-3233774123
 certificate self-signed 01
  3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 33323333 37373431 3233301E 170D3133 30393137 31333338
  30345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 32333337
  37343132 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100B254 C04208D2 ABF68D18 5B77C54E 7AE24FE2 6493A65E 3D67BDFA AC05CAAD
  2209BE2E DC621CE2 5682517E 3CA06F61 0C0FC713 2C0F84D8 FEBBF5CC 81A6EF17
  B768E110 C5FC6FB2 2750875C 7203BC16 39335314 CCF32034 5E042C2C 15F03FF1
  1BDF97A0 DBA757F9 42783E39 6AF59906 ACA416B4 3EC1E4D5 C935799B 9167D1FC
  AB850203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
  551D2304 18301680 1403A635 385A6809 603E2C4A FF6F439B 6995E393 A2301D06
  03551D0E 04160414 03A63538 5A680960 3E2C4AFF 6F439B69 95E393A2 300D0609
  2A864886 F70D0101 05050003 81810073 3157A85E 120A5B1D 6C25453C 0DFB0F82
  9156EFF7 64E1A26B 4675C488 EF291E25 6C6C25CB 8CA95AB1 1FF6C2EB C12636D7
  50E2B83C A87225B3 87AC7CE1 679B1801 49E4B859 4BED67E2 6783EFB6 A50CC616
  C32228AD 625331FD 85361CEC 11E196E9 26D9638E 98D3235A 9D425AE8 1F06FEE0
  D332ED58 E0504C61 03F8939E 1EEF55
        quit
!
ip dhcp excluded-address 192.168.1.1 192.168.1.99
ip dhcp excluded-address 192.168.2.1 192.168.2.99
!
ip dhcp pool VLAN10
 import all
 network 192.168.1.0 255.255.255.0
 default-router 192.168.1.1
 domain-name cannonz.dyndns.org
 dns-server 208.67.220.220
 lease 4
!
ip dhcp pool VLAN20
 import all
 network 192.168.2.0 255.255.255.0
 default-router 192.168.2.1
 domain-name cannonz.dyndns.org
 lease 4
!
!
ip cef
ip name-server 208.67.222.222
ip name-server 208.67.220.22
ip inspect name MYFW tcp
ip inspect name MYFW udp
!
username sysop privilege 15 password 7 08254E455D4C5D14
!
interface ATM0
 no ip address
 no atm ilmi-keepalive
 pvc 0/38
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
!
interface FastEthernet0
 switchport access vlan 20
 no ip address
 spanning-tree portfast
!
interface FastEthernet1
 switchport access vlan 10
 no ip address
 spanning-tree portfast
!
interface FastEthernet2
 switchport access vlan 10
 no ip address
 spanning-tree portfast
!
interface Vlan10
 description Internal Network
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
interface Vlan20
 description Guest Network
 ip address 192.168.2.1 255.255.255.0
 ip access-group Guest-ACL in
 ip nat inside
 ip virtual-reassembly in
!
interface Dialer0
 ip address negotiated
 ip access-group Internet-inbound-ACL in
 ip inspect MYFW out
 ip virtual-reassembly in
 encapsulation ppp
 ip tcp adjust-mss 1452
 dialer pool 1
 dialer-group 1
 dialer persistent
 dialer idle-timeout 0
 ppp authentication chap callin
 ppp chap hostname bthomehub@btbroadband.com
 ppp chap password bthomehub@btbroadband.com
 ppp ipcp dns request
 ppp ipcp address accept
!
ip nat inside source list 1 interface Dialer0 overload
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip access-list extended Guest-ACL
 deny   ip any 192.168.1.0 0.0.0.255
 permit ip any any
ip access-list extended Internet-inbound-ACL
 permit udp any eq bootps any eq bootpc
 permit icmp any any echo
 permit icmp any any echo-reply
 permit icmp any any traceroute
 permit gre any any
 permit esp any any
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 permit 192.168.2.0 0.0.0.255
!
line con 0
 password 7 09484C024D504F11
line aux 0
line vty 0 4
 password 7 070B23471A5C4106
 transport input all
!
end

Open in new window

0
Craig WalkerAuthor Commented:
Nice one thanks ;)

So this is just a paste in and wri mem I take it or will I have to write erase my existing one first then paste and wri mem. ?
0
Craig BeckCommented:
Erase the current config (back it up first though).  Let it reload without saving changes and paste it in.

If it doesn't take all of the config the first time, just paste it in a second time then save it.

If it doesn't work, just put the config you originally had back on it.
0
Craig WalkerAuthor Commented:
Hi i'm now hotspotting from my ipad now as I have copied your updated one in but it appeared to have shutdown my dialer so I issued a no shutdown on that and I now have a cd & PPP chap authentication light on but can't ping anything externally.?
I also tried to paste my old config in and that's not working either :(
Here's where i'm at now with the new config you sent me.
this is a running copy after a reload.

--------------------------------
!
no aaa new-model
!
memory-size iomem 10
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-3233774123
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3233774123
 revocation-check none
 rsakeypair TP-self-signed-3233774123
!
!
crypto pki certificate chain TP-self-signed-3233774123
 certificate self-signed 01
  3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 33323333 37373431 3233301E 170D3133 30393137 31333338
  30345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 32333337
  37343132 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100B254 C04208D2 ABF68D18 5B77C54E 7AE24FE2 6493A65E 3D67BDFA AC05CAAD
  2209BE2E DC621CE2 5682517E 3CA06F61 0C0FC713 2C0F84D8 FEBBF5CC 81A6EF17
  B768E110 C5FC6FB2 2750875C 7203BC16 39335314 CCF32034 5E042C2C 15F03FF1
  1BDF97A0 DBA757F9 42783E39 6AF59906 ACA416B4 3EC1E4D5 C935799B 9167D1FC
  AB850203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
  551D2304 18301680 1403A635 385A6809 603E2C4A FF6F439B 6995E393 A2301D06
  03551D0E 04160414 03A63538 5A680960 3E2C4AFF 6F439B69 95E393A2 300D0609
  2A864886 F70D0101 05050003 81810073 3157A85E 120A5B1D 6C25453C 0DFB0F82
  9156EFF7 64E1A26B 4675C488 EF291E25 6C6C25CB 8CA95AB1 1FF6C2EB C12636D7
  50E2B83C A87225B3 87AC7CE1 679B1801 49E4B859 4BED67E2 6783EFB6 A50CC616
  C32228AD 625331FD 85361CEC 11E196E9 26D9638E 98D3235A 9D425AE8 1F06FEE0
  D332ED58 E0504C61 03F8939E 1EEF55
        quit
ip source-route
!
!
!
ip dhcp excluded-address 192.168.1.1 192.168.1.99
ip dhcp excluded-address 192.168.2.1 192.168.2.99
!
ip dhcp pool VLAN10
 import all
 network 192.168.1.0 255.255.255.0
 default-router 192.168.1.1
 domain-name cannonz.dyndns.org
 dns-server 208.67.220.220
 lease 4
!
ip dhcp pool VLAN20
 import all
 network 192.168.2.0 255.255.255.0
 default-router 192.168.2.1
 domain-name cannonz.dyndns.org
 lease 4
!
!
ip cef
ip name-server 208.67.222.222
ip name-server 208.67.220.220
ip inspect name MYFW tcp
ip inspect name MYFW udp
no ipv6 cef
!
!
multilink bundle-name authenticated
license udi pid CISCO887VA-SEC-K9 sn FCZ160592RB
!
!
username sysop privilege 15 password 7 08254E455D4C5D14
!
!
!
!
controller VDSL 0
!
!
!
!
!
!
!
!
interface Ethernet0
 no ip address
 shutdown
 no fair-queue
!
interface ATM0
 no ip address
 no atm ilmi-keepalive
 pvc 0/38
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
 !
!
interface FastEthernet0
 switchport access vlan 20
 no ip address
 spanning-tree portfast
!
interface FastEthernet1
 switchport access vlan 10
 no ip address
 spanning-tree portfast
!
interface FastEthernet2
 switchport access vlan 10
 no ip address
 spanning-tree portfast
!
interface FastEthernet3
 no ip address
!
interface Vlan1
 no ip address
!
interface Vlan10
 description Internal Network
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
interface Vlan20
 description Guest Network
 ip address 192.168.2.1 255.255.255.0
!
interface Dialer0
 ip address negotiated
 ip access-group Internet-inbound-ACL in
 ip inspect MYFW out
 ip virtual-reassembly in
 encapsulation ppp
 ip tcp adjust-mss 1452
 dialer pool 1
 dialer idle-timeout 0
 dialer persistent
 dialer-group 1
 ppp authentication chap callin
 ppp chap hostname bthomehub@btbroadband.com
 ppp chap password 0 bthomehub@btbroadband.com
 ppp ipcp dns request
 ppp ipcp address accept
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source list 1 interface Dialer0 overload
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip access-list extended Guest-ACL
 deny   ip any 192.168.1.0 0.0.0.255
 permit ip any any
ip access-list extended Internet-inbound-ACL
 permit udp any eq bootps any eq bootpc
 permit icmp any any echo
 permit icmp any any echo-reply
 permit icmp any any traceroute
 permit gre any any
 permit esp any any
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 1 permit 192.168.2.0 0.0.0.255
!
!
!
!
!
control-plane
!
!
line con 0
 password 7 09484C024D504F11
line aux 0
line vty 0 4
 password 7 070B23471A5C4106
 login
 transport input all
!
end
0
Craig BeckCommented:
Have you got an IP address on the Dialer interface? Can you post output from the following...

show ip interface brief
show ip route
0
Craig WalkerAuthor Commented:
Yes I have an internet ip on the dialer.

Router#show ip interface brief
Interface                  IP-Address      OK? Method Status                Protocol
ATM0                       unassigned      YES NVRAM  up                    up
Dialer0                    86.156.14.41    YES IPCP   up                    up
Ethernet0                  unassigned      YES NVRAM  administratively down down
FastEthernet0              unassigned      YES unset  down                  down
FastEthernet1              unassigned      YES unset  up                    up
FastEthernet2              unassigned      YES unset  down                  down
FastEthernet3              unassigned      YES unset  down                  down
NVI0                       unassigned      YES unset  administratively down down
Virtual-Access1            unassigned      YES unset  up                    up
Virtual-Access2            unassigned      YES unset  up                    up
Vlan1                      unassigned      YES unset  down                  down
Vlan10                     192.168.1.1     YES NVRAM  up                    up
Vlan20                     192.168.2.1     YES NVRAM  down                  down


Router#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

S*    0.0.0.0/0 is directly connected, Dialer0
      86.0.0.0/32 is subnetted, 1 subnets
C        86.156.14.41 is directly connected, Dialer0
      192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.1.0/24 is directly connected, Vlan10
L        192.168.1.1/32 is directly connected, Vlan10
      217.32.142.0/32 is subnetted, 1 subnets
C        217.32.142.102 is directly connected, Dialer0
0
Craig BeckCommented:
Ok, that looks good - the dialer interface has an IP address and a default route has been installed.

I think I missed the ip nat outside statement from the dialer:

interface Dialer0
 ip nat outside
0
Craig WalkerAuthor Commented:
Sorted m8 :)

It's amazing how one or two simple commands can screw you up in the cisco world ;)
wish I knew more about it but I only just get by with the basics for now.
I will now need to check my asa 5510 tomorrow as I've not managed to configure it yet but I think it appears to be an ip issue as It loads up by default with an ip of 192.168.1.1 which is conflicting with my router I think :(
So no doubt you may see another post in the next day or so if I can't resolve that.

Thanks again
0
Craig WalkerAuthor Commented:
sorry I have just run some tests and can't seem to logon remotely to my aquarium controller which is on 192.168.1.140  I have checked the config to see if ip nat inside source static tcp 192.168.1.140 80 interface dialer0 80 is set and it is.

Any suggestions as to what else it could be.
0
Craig BeckCommented:
Did you add that command after you put my config in?

If you did, try adding this...

ip access-list extended Internet-inbound-ACL
permit tcp any any eq http
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Craig WalkerAuthor Commented:
Hi that seems to have sorted it but the second line couldn't be accpected
but I cut it back to.

permit tcp any any

and that seemed to work will this be ok or is that wrong..?
0
Craig WalkerAuthor Commented:
Thank you for the help and patience and a resolve...
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Browsers

From novice to tech pro — start learning today.