Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2316
Views
0
Helpful
17
Replies

Multiple Forwarded ports not showing as open.

mac989999
Level 1
Level 1

‎09-27-2012 06:30 PM - edited ‎03-04-2019 05:41 PM

Hello, I'm in need of assistance .

I have a client with a cisco 1841 router with a static public ip. He has 3 dvr's he wanted to acces from the internet and we opened the ports for the dvr's ip's. The issue were having is that only the first ip that we opened shows the port opened and works ok, the other 2 ip with their ports show closed.

Heres the code:

ip nat inside source list 190 interface FastEthernet0/0.1214 overload

ip nat inside source static tcp 10.161.2.141 5445 Public IP 5445 extendable

ip nat inside source static udp 10.161.2.141 5445 Public IP 5445 extendable

ip nat inside source static tcp 10.161.2.141 5446 Public IP 5446 extendable

ip nat inside source static udp 10.161.2.141 5446 Public IP 5446 extendable

ip nat inside source static udp 10.161.2.142 37775 Public IP 37775 extendable

ip nat inside source static tcp 10.161.2.142 37776 Public IP 37776 extendable

ip nat inside source static tcp 10.161.2.140 37777 Public IP 37777 extendable

ip nat inside source static udp 10.161.2.140 37778 Public IP 37778 extendable

ip nat inside source static 10.161.2.1 66.50.152.237

!

tcp 10.161.2.140 37777 Public IP 37777 works ok all others dont, can anyone point me in the right direction here, this simple thing has made a long day for me, and the ISP support is not getting back to us, slow....

I apreciate any help!

-Joseph

Ps. Attached a copy of our config txt some info has bee edited for privacy concers but the commans are there.

Labels:
135828-SDMConfig.txt.zip
0 Helpful
17 Replies 17

cadet alain
VIP Alumni
VIP Alumni
In response to mac989999

‎09-29-2012 05:48 AM

Hi,

As I already said before telnet is TCP so 3775 TCP is opened as your telnet showed.

So i would stick with the static PAT entry for TCP 3775 and do a sh ip nat translation | i x.x.x.x  where x.x.x.x is the IP from where you are telnetting from outside and see if there is a translation slot. This way at least we'll know if the NAT is ok.

if the telnet is still not working but the NAT is ok then I suggest you use RITE feature to sniff traffic on the inside interface

http://www.cisco.com/en/US/docs/ios/12_4t/12_4t11/ht_rawip.html

use wireshark and save as pcap file and post here.

Also to get sure the listening ports/IP are ok use Nmap to scan for ports on hosts.

Regards.

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
0 Helpful

johnlloyd_13
Level 9
Level 9
In response to mac989999

‎09-29-2012 07:11 PM

hi,

did you obtain multiple public IP addresses from the ISP? or are you referring to the same "Public IP" (i.e. WAN IP address) as per your code?

could you try using the 'interface' keyword for your static NAT?

ip nat inside source static tcp 10.161.2.141 5445 interface 5445 extendable

0 Helpful

mac989999
Level 1
Level 1
In response to johnlloyd_13

‎09-30-2012 04:03 AM

Just 1 public ip,  gonna try the interface renaming. Wil let you know.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card