cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
672
Views
0
Helpful
1
Replies

Nat / Pat & Telnet

austgen
Level 1
Level 1

Can anyone tell me why I cannot get from the outside pointing at the outside address ( the dialer ) port 86, to port 23 on the inside,

The dialer is assigned a static address on connect. I can telnet into port 23 @ 10.10.10.2 from inside the router.

---------

Version

Cisco Internetwork Operating System Software

IOS (tm) C800 Software (C800-Y6-MW), Version 12.0(5)T, RELEASE SOFTWARE (fc1)

Copyright (c) 1986-1999 by cisco Systems, Inc.

Compiled Fri 23-Jul-99 01:30 by kpma

Image text-base: 0x000E9000, data-base: 0x00595000

ROM: TinyROM version 1.2(2)

Router uptime is 50 minutes

System returned to ROM by power-on

System image file is "flash:c800-y6-mw.120-5.T"

Cisco C802 (MPC850) processor (revision 1) with 43112K bytes of virtual memory.

Processor board ID JAD03500EH2

CPU part number 33

Bridging software.

Basic Rate ISDN software, Version 1.1.

1 Ethernet/IEEE 802.3 interface(s)

1 ISDN Basic Rate interface(s)

4M bytes of physical memory (DRAM)

8K bytes of non-volatile configuration memory

8M bytes of flash on board (4M from flash card)

-------------------------

Router#show config

Using 1693 out of 8062 bytes

!

version 12.0

no service pad

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname Router

!

enable secret 5 xxxxxxxxxxxxxx

!

username xxxxxxxxx password 7 xxxxxxxxxxxxxx

!

!

!

!

ip subnet-zero

no ip source-route

ip dhcp excluded-address 10.10.10.1 10.10.10.34

!

ip dhcp pool bvd

network 10.10.10.0 255.255.255.0

default-router 10.10.10.1 255.255.255.0

dns-server xxxxxxxxx

domain-name xxxxxxx.net

lease 10

!

isdn switch-type basic-ni

!

!

process-max-time 200

!

interface Ethernet0

ip address 10.10.10.1 255.255.255.0

no ip directed-broadcast

no ip proxy-arp

ip nat inside

!

interface BRI0

no ip address

no ip directed-broadcast

encapsulation ppp

dialer pool-member 1

isdn switch-type basic-ni

isdn spid1 xxxxxxxxxxx

isdn spid2 xxxxxxxxxx

!

interface Dialer1

description ISP

ip address negotiated

no ip directed-broadcast

no ip proxy-arp

ip nat outside

encapsulation ppp

no ip split-horizon

dialer remote-name Cisco1

dialer idle-timeout 180

dialer string xxxxxxx class DialClass

dialer hold-queue 10

dialer load-threshold 225 either

dialer pool 1

dialer-group 1

ppp pap sent-username xxxxxxx password 7 xxxxxxxxxxx

ppp multilink

!

ip nat inside source list 101 interface Dialer1 overload

ip nat inside source static tcp 10.10.10.2 23 interface Dialer1 86

no ip http server

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer1

!

!

map-class dialer DialClass

access-list 18 permit 10.10.10.0 0.0.0.255

dialer-list 1 protocol ip permit

!

line con 0

exec-timeout 120 0

transport input none

stopbits 1

line vty 0 4

exec-timeout 0 0

login local

!

end

1 Reply 1

gerald.britton
Level 1
Level 1

You specified:

ip nat inside source list 101 interface Dialer1 overload

yet

access-list 18 permit 10.10.10.0 0.0.0.255

The effect of this combination is to deny everything, effectively diabling NAT

try changing the "101" to "18" in the first statement

Review Cisco Networking for a $25 gift card