09-27-2012 06:30 PM - edited 03-04-2019 05:41 PM
Hello, I'm in need of assistance .
I have a client with a cisco 1841 router with a static public ip. He has 3 dvr's he wanted to acces from the internet and we opened the ports for the dvr's ip's. The issue were having is that only the first ip that we opened shows the port opened and works ok, the other 2 ip with their ports show closed.
Heres the code:
ip nat inside source list 190 interface FastEthernet0/0.1214 overload
ip nat inside source static tcp 10.161.2.141 5445 Public IP 5445 extendable
ip nat inside source static udp 10.161.2.141 5445 Public IP 5445 extendable
ip nat inside source static tcp 10.161.2.141 5446 Public IP 5446 extendable
ip nat inside source static udp 10.161.2.141 5446 Public IP 5446 extendable
ip nat inside source static udp 10.161.2.142 37775 Public IP 37775 extendable
ip nat inside source static tcp 10.161.2.142 37776 Public IP 37776 extendable
ip nat inside source static tcp 10.161.2.140 37777 Public IP 37777 extendable
ip nat inside source static udp 10.161.2.140 37778 Public IP 37778 extendable
ip nat inside source static 10.161.2.1 66.50.152.237
!
tcp 10.161.2.140 37777 Public IP 37777 works ok all others dont, can anyone point me in the right direction here, this simple thing has made a long day for me, and the ISP support is not getting back to us, slow....
I apreciate any help!
-Joseph
Ps. Attached a copy of our config txt some info has bee edited for privacy concers but the commans are there.
09-27-2012 11:58 PM
Hello ,
Are you able telnet the pots from you router ?
lets say from the router
telnet 10.161.2.141 5445 is this opening the socket ?
regards
Harish.
09-28-2012 02:45 AM
The device is a DVR, this is what I get:
mmsc-humacao#telnet 10.161.2.142 37775
Trying 10.161.2.142, 37775 ... Open
09-28-2012 02:50 AM
Hi,
Can you post sanitized config from the router.
Regards.
Alain
Don't forget to rate helpful posts.
09-28-2012 02:57 AM
It should be on my original post at the begining of the thread, does it show?
09-28-2012 02:51 AM
Hello Jose,
hmm.. That means those ports are actually not opened on the server itself. So it is not an issue of the router or port forwarding. The router is doing the job which is suppose to do. You may need to check with the server whether the service is really running from lan and you are able to telnet to that IP with port number..
please let me know if you have any further queries
Regards
Harish.
Please rate all helpful posts!
09-28-2012 02:54 AM
correction, I made error, that IP that I showed, the DVR was turned OFF power wise, this one Is on,
mmsc-humacao#telnet 10.161.2.142 37775
Trying 10.161.2.142, 37775 ... Open
But it shows open on router but not outside on the internet.
09-28-2012 05:19 AM
Hi,
telnet uses TCP and in your static NAT you are using UDP:
ip nat inside source static udp 10.161.2.142 37775 Public IP 37775 extendable
Regards.
Alain
Don't forget to rate helpful posts.
09-28-2012 07:08 PM
Tried with the TCP port:
mmsc-humacao#telnet 10.161.2.142 37776
Trying 10.161.2.142, 37776 ...
% Connection refused by remote host
any suggestions?
09-28-2012 11:32 PM
Hello Jose,
this shows that the server is either not listening to the port or it is refusing your connection
regards
Harish.
09-29-2012 05:06 AM
As I metioned at the begining this is for a DVR-Digital Video Recorder, aka security cameras.
Theres no firewalls setup, no servers, just internet-static ip,the 1841 router, a poe switch for powering accespoints and thas all, its a basic setup, One works ok, I can see the other one internally, but if one goes to a port checking tool on the net, the other 2 dvr pors show as closed, on my first post you can observe that the code was copied identical as for the one thats working, misus the ip and port info.
Any suggestions?
09-28-2012 11:45 PM
Hi,
Could you check the server's TCP/IP settings if correct? Is it able to ping the 1841?
Is there any firewall in between?
Sent from Cisco Technical Support iPad App
09-29-2012 05:08 AM
Yes I can Ping the 1841, internally and remotely from the internet using telnet.
No firewall, servers, and the isp doesnt block ports on theri end all we have is a static ip, all I can tell the issues lies within the router config, something is missing, what I dont know.
09-29-2012 01:28 AM
Hi,
mmsc-humacao#telnet 10.161.2.142 37775
Trying 10.161.2.142, 37775 ... Open
This means your host is listening on TCP port 37775 so change your NAT statement for this port to use TCP instead of UDP and try again from outside. Is it still failing ?
Regards.
Alain
Don't forget to rate helpful posts.
09-29-2012 05:14 AM
Just to check switched as you suggest, same issue, only 10.161.2.140 tcp 377777 shows open from the internet , code was copied exact for the other 2 dvrs but they dont show as open.
Thers no servers, firewals, etc... just static ip, the 1841, a switch with poe and 4 A/P.
The device is a DVR, Digital Video Recorder, this particular model uses 2 separate ports a TCP and UDP, 37775UDP and 37776TCP for external video viewing I need the TCP 37776 to work, neither one works, when one verifies ports on a port checking tool it shows that they are closed.
Suggestions...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide