Solved: Re: Remote access from Outside Network

Cdaniel.rios · ‎08-24-2020

Hello everyone! I have a question with an exercise I am doing as a practice, and i really appreciate your help.
I have configured all the equipment and there is a satisfactory connection between the ones I have selected.
From PC Control (above) I can establish connection via Telnet to R1 and R2, and SSH to R3, The problem I have is that I want to connect via Telnet to the switches (S1, S2 and S3) but I can not do it.
I´m using Packet Tracer 7.3.1

I share the file with you so that you can explore it and if you are so kind to help me out of this doubt.

Cdaniel.rios · ‎08-27-2020

The final solution that i found was to map the R3 Private IP (172.16.3.130) to the Public i get from the ISP (209.165.200.2) port 22

ip nat inside source static tcp 172.16.3.130 22 209.165.200.2 22

I Configured Different ACLs to only allow telnet to S1, S2, S3, R1 and R2 from R3.

For a practice it is good for me!

Now i can SSH it from PC Control and once the connection is established i go to other devices in the Internal network and manage them.

Thanks for your help anyway!

View solution in original post

Martin L · ‎08-24-2020

Pings are Ok but a bit on slow side but I think your NAT is blocking telnet; I will check but you may need to add static nat statement allowing telnet to translate , aka go thru nat.

Regards, ML
**Please Rate All Helpful Responses **

Cdaniel.rios · ‎08-24-2020

Yes, it's exactly that, when i apply PAT it blocks the Telnet.... How should i do then if i want to use PAT.?

Martin L · ‎08-25-2020

i tried a bit but could not do it; this may be PT bug since it shows 192.168.10.101 translations on R2 but it should not. you may try to look at this on GNS3, if I have time, i will check it out as well

Cdaniel.rios · ‎08-25-2020

I appreciate your help! I have been trying in so many different ways and had no success!!

Could you please tell me what command you used to test it? To compare with mine.!

Martin L · ‎08-25-2020

show ip nat translation - do that after PC tries to telnet ; then, check when pc do pings.

Cdaniel.rios · ‎08-25-2020

Ok, I know the way to see the translations, what i mean is, how you
configured the NAT. Is possible that a bug like that exist on Packet Tracer
or i misconfigured something else?

Martin L · ‎08-25-2020

i think it PT bug or limitation but give me 24 hrs to check this on gns3;

Cdaniel.rios · ‎08-25-2020

Thank you so much. I really appreciate your help!!

Cdaniel.rios · ‎08-26-2020

I got the solution. I mapped one Public IP to each device I wanted to
configure, and with PAT it works well, it's not a Packet Tracer Bug then.

Thanks so much for your help!!

Martin L · ‎08-27-2020

Static NAT mapping 1 to 1 always works; I was looking into NVI NAT as solution but my 7200s routers do not support NVI.

So, while looking for different IOS, I came across "extended" or "extendable" option in NAT.

Static NaT in PT should work as I was told. Anyway, glad you got it working!

Cdaniel.rios · ‎08-27-2020