
specify default port for connection

dgj
Level 1

I've set up a DSL VPN using a Cisco 837.

I need to be able to use TACACS and other stuff (such as TFTP), but the connections appear to be attempted with the internet IP address rather than the routed LAN IP (inside the VPN on the b-end).

Ping (extended) works when specifying the Ethernet port of the router.

Is there a command in the config so that this IP address is used as a default for connections with TACACS+ and TFTP etc?

Thanks

3 Replies

a.awan
Level 4

ip tftp source-interface

ip tacacs source-interface

Is it possible to set the "inside" interface as default for all connections out?

I'm able to ping etc. from PCs behind the router, but it seems to me that any other connections from the router itself have their source as the "external" IP address.

What's the debug command to prove if this is true?

Thanks

Inside Interface:

interface Ethernet0
 ip address 172.x.y.1 255.255.255.128
 ip nat inside
 ip tcp adjust-mss 1452
 no ip mroute-cache
 no cdp enable
 hold-queue 100 out

Dialer:

interface Dialer1
 ip address a.b.c.d 255.255.255.252
 ip access-group 111 in
 ip mtu 1492
 ip nat outside
 ip inspect myfw out
 encapsulation ppp
 ip tcp adjust-mss 1452
 dialer pool 1
 dialer-group 1
 ppp authentication chap pap callin
 ppp chap hostname username@isp.domain
 ppp chap password
 ppp pap sent-username username@isp.domain password
 ppp ipcp dns request
 ppp ipcp wins request
 crypto map
 hold-queue 224 in

access-list 111 permit icmp any any administratively-prohibited
access-list 111 permit icmp any any echo
access-list 111 permit icmp any any echo-reply
access-list 111 permit icmp any any packet-too-big
access-list 111 permit icmp any any time-exceeded
access-list 111 permit icmp any any traceroute
access-list 111 permit icmp any any unreachable
access-list 111 permit udp any eq bootps any eq bootpc
access-list 111 permit udp any eq bootps any eq bootps
access-list 111 permit udp any eq domain any
access-list 111 permit esp any any
access-list 111 permit udp any any eq isakmp
access-list 111 permit udp any any eq 10000
access-list 111 permit tcp any any eq 1723
access-list 111 permit tcp any any eq 139
access-list 111 permit tcp 172.a.b.0 0.0.7.255 any eq telnet
access-list 111 permit tcp 172.c.d.0 0.0.0.255 any eq telnet
access-list 111 permit udp any any eq netbios-ns
access-list 111 permit udp any any eq netbios-dgm
access-list 111 permit gre any any
access-list 111 deny ip any any

(Other access-lists, but I don't think they're relevant!)

Any ideas, anyone?

Packets sourced from the router usually have the source address of the interface through which the destination is reachable. I am not aware of any command that influences all communication originated from the router. When people do have a requirement to alter the source addresses for FTP, TFTP, TACACS, RADIUS, etc. communication initiated from the router, they use commands like the ones I posted in the previous message. What is your exact requirement?
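
An added example, not from the thread or from Cisco: a Python audit of a saved IOS configuration that reports, for each router-originated service named above, whether a source-interface is pinned and whether it is the NAT-outside interface. The function names and the sample configuration are constructed for illustration, and interface names are assumed to be written exactly as `show running-config` prints them.

```python
import re
# Services named in the thread -> IOS global command that pins their source address.
SOURCE_CMDS = {
    "tftp": "ip tftp source-interface",
    "tacacs": "ip tacacs source-interface",
    "radius": "ip radius source-interface",
    "ftp": "ip ftp source-interface",
}

def parse_interfaces(config):
    """Map each interface name to the list of sub-commands in its stanza."""
    interfaces, current = {}, None
    for raw in config.splitlines():
        m = re.match(r"interface\s+(\S+)\s*$", raw)
        if m:
            current = interfaces.setdefault(m.group(1), [])
        elif raw[:1].isspace() and current is not None:
            current.append(raw.strip())
        else:
            current = None  # back at global configuration level
    return interfaces

def audit_source_interfaces(config):
    """Return {service: finding} for every service in SOURCE_CMDS."""
    interfaces = parse_interfaces(config)
    globals_ = [l.strip() for l in config.splitlines() if l and not l[:1].isspace()]
    findings = {}
    for service, cmd in SOURCE_CMDS.items():
        bound = [l[len(cmd):].strip() for l in globals_ if l.startswith(cmd + " ")]
        if not bound:
            findings[service] = "unset: source follows egress interface"
        elif bound[-1] not in interfaces:
            findings[service] = f"bound to unknown interface {bound[-1]}"
        elif "ip nat outside" in interfaces[bound[-1]]:
            findings[service] = f"bound to outside interface {bound[-1]}"
        else:
            findings[service] = f"ok: {bound[-1]}"
    return findings

# Constructed sample configuration (interface names follow the thread).
SAMPLE = """\
interface Ethernet0
 ip nat inside
interface Dialer1
 ip nat outside
ip tftp source-interface Ethernet0
ip tacacs source-interface Dialer1
"""
if __name__ == "__main__":
    print(audit_source_interfaces(SAMPLE))
```

A service reported as "unset" or "bound to outside interface" will present the public address to the server, so server-side allow-lists keyed to the LAN address will not match it.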
