06-21-2011 06:41 PM - edited 03-04-2019 12:46 PM
Hi,
I hope there any someone here can help me out.
Apparently the problem seems simple enough however I couldn't get it working. My router is being configured to access a web server in the network which is on port 80. However, port 80 is being used by my router's setup page. Therefore whenever I key in my public IP address, it will just immediately direct me to the router's page.
I have also tried opening up other ports like 5050 and set my web server to port 5050. Internally within the LAN itself everyone can access the web server with port 5050. However, going from public IP address with port 5050 doesn't work. Am I missing anything here?
All the firewalls are configured.
Thanks in advanced.
Solved! Go to Solution.
06-29-2011 08:44 PM
Hi,
There is no firewall in between the router and the local lan. I type show ip nat translation and see this
udp xxx.xxx.xxx.xxx:80 192.168.1.8:80 xxx.xxx.xxx.xxx:81 xxx.xxx.xxx.xxx:81
and many others but there is no 5050.
Could this be the reason why it is going to the cisco 881? Is there anyway I can change the inside local into 192.168.1.39 (web server ip) so that we just continue using port 80 since it is confirmed that it can go into the local?
I have tried netstat -an also but there is no connection established when trying port 5050. We do have connections established to port 80 but that is still the router page.
Thanks in advanced.
06-30-2011 03:56 AM
Hi,
Your configuration looks good to me. Can you post "show ip nat translation | inc 5050" while connecting http://xxx.xx.xx.xxx:5050 from the internet? Just want to know if you have no problem with tcp/21 and tcp/1723 when connecting from the internet. Right?
HTH,
Toshi
06-30-2011 06:56 PM
Hi Toshi,
I have no problem with tcp/21 and tcp/1723 which is why I am confused here.
This is the result that I got from "show ip nat translation | inc 5050"
tcp xxx.xxx.xxx.xxx:5050 192.168.1.39:5050 --- ---
There is no outside local and outside global to it.
06-30-2011 08:47 PM
Hi,
It's weird. Please use "telnet xx.xx.xx.xx 5050" on PC when you are in the internet. Also post "show ip nat transaliton | inc 5050" here.
Toshi
06-30-2011 09:17 PM
Hi Toshi,
I did a telnet and it shows me Connecting to xxx.xxx.xxx.xxx ... Could not open connection to the host, on port 5050.
I tried telnet xxx.xxx.xxx.xxx without the port and it brings me directly to the console where I need to login.
the show ip nat translation | inc 5050 shows the same.
tcp xxx.xxx.xxx.xxx:5050 192.168.1.39:5050 --- ---
could it be because I'm on the same connection therefore I am unable to test it out?
06-30-2011 09:32 PM
Hi,
Are you sure that you use the command while telneting to the web server? It has to have any connection when showing it. If it still doesn't work. Please change it back to tcp/80 in NAT statement and then test the same process and then show the result.
Edit: I just want to make sure that tcp/5050 won't be blocked by ISP. Actually I should not.
HTH,
Toshi
06-30-2011 09:40 PM
Hi Toshi,
This is what I did. Please let me know if I am doing anything wrong here.
I used window 7 PC to test on the connection.
Firstly I open up the command prompt and type in telnet xxx.xxx.xxx.xxx 5050. However it is unable to connect to it. Therefore I type in just xxx.xxx.xxx.xxx without the port 5050.
I was able to get into the console and just resume typing in my username and password.
After which i type in show ip nat translation | inc 5050.
It shows the same thing
tcp xxx.xxx.xxx.xxx:5050 192.168.1.39:5050 --- ---
Could it be due to same connection with the window server and window 7 pc?
I tried on port 1723 and port 21 it cannot established connection as well however when I used the application that I used to connect port 1723 and port 21 I am able to get into it. The application is on a different line.
06-30-2011 09:44 PM
Hi,
Well, Please add this for testing.
!
ip access-list extend TEST-Connection
permit tcp any
permit ip any any
!
interface fastethernet4
ip access-group TEST-Connection in
!
And then test connections again
Toshi
06-30-2011 10:44 PM
Hi Toshi,
It is still returning the same result
06-30-2011 11:47 PM
Hi,
You didn't see any hit on tcp/5050. Right? It's kind weird. Please try the following steps.
!
Router(conf)#no ip nat inside source static tcp 192.168.1.39 5050 interface FastEthernet4 5050
Router(conf)#ip nat inside source static tcp 192.168.1.39 5050 xx.xx.xx.xx 5050
!
Trying to use http and telnet together. Please let me know the results,"show ip nat translation | inc 5050" and "show access-list".
I'm confused why you cannot open the connections with tcp/5050. Then let me see TCP/80.
!
Router(conf)#no ip nat inside source static tcp 192.168.1.39 5050 xx.xx.xx.xx 5050
Router(conf)#ip nat inside source static tcp 192.168.1.39 80 xx.xx.xx.xx 80
!
ip access-list TEST-Connection
5 permit tcp any
!
Please post the result if it works with tcp/80. "show ip nat translation | inc 80" and "show access-list"
.
HTH,
Toshi
07-01-2011 12:20 AM
Hi Toshi,
Just to clarify as I am really new to this. Do you mean by typing the following into the console?
!
Router(conf)#no ip nat inside source static tcp 192.168.1.39 5050 interface FastEthernet4 5050
Router(conf)#ip nat inside source static tcp 192.168.1.39 5050 xx.xx.xx.xx 5050
!
07-01-2011 12:23 AM
Hi,
Yes. Don't forget to show me the results and do the steps I provided.
Toshi
07-01-2011 12:37 AM
Hi Toshi,
Am I suppose to see anything after typing the long list of command? I am not seeing anything here.
It shows the same thing
tcp xxx.xxx.xxx.xxx:5050 192.168.1.39:5050 --- ---
tcp xxx.xxx.xxx.xxx:5050 192.168.1.39:80 --- ---
both 5050 and 80 access-list is showing
Standard IP access list 1
10 permit 192.168.1.0, wildcard bits 0.0.0.255 (616460434 matches)
07-01-2011 12:45 AM
Hi Guy,
Please carefully read the steps I provided. Please do each step.
You didn't see any hit on tcp/5050. Right? It's kind weird. Please try the following steps.
!
Router(conf)#no ip nat inside source static tcp 192.168.1.39 5050 interface FastEthernet4 5050
Router(conf)#ip nat inside source static tcp 192.168.1.39 5050 xx.xx.xx.xx 5050
!
Trying to use http and telnet together. Please let me know the results,"show ip nat translation | inc 5050" and "show access-list".
I'm confused why you cannot open the connections with tcp/5050. Then let me see TCP/80.
!
Router(conf)#no ip nat inside source static tcp 192.168.1.39 5050 xx.xx.xx.xx 5050
Router(conf)#ip nat inside source static tcp 192.168.1.39 80 xx.xx.xx.xx 80
!
ip access-list TEST-Connection
5 permit tcp any
!
Please post the result if it works with tcp/80. "show ip nat translation | inc 80" and "show access-list"
HTH,
Toshi
07-01-2011 01:14 AM
Hi,
This is what I did
Please let me know if I did anything wrong. Also, am I supposed to see anything when i type in those !Router ... stuff
Thanks for the help =)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide