cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3445
Views
0
Helpful
17
Replies

Port Forward Process for Cisco 851

mcalpin1
Level 1
Level 1

I purchased a Cisco 851 Router for the reliablity, but the process to manage the router to port forward a IP address for a internet camera ... I'm lost.  I will try the forums, versus paying a $400 dollar fee for support.

What is the process to have an internal IP address for my outdoor network camera visiable for WWW?

How do I port forward 10.10.10.40

How do I assign a static IP to this outdoor network camera?

I can access the Cisco SDM Express V2.5

17 Replies 17

Amit Aneja
Level 3
Level 3

Do you know how to use CLI? if yes, telnet into the router & capture the output of "show run".

If you could share that, I can give you can sample config to copy/paste.

What port does your internet camera uses?

Sorry, I don't know CLI but I'm willing to learn. 

I assume my port is 80 per Toshiba.

Go to command prompt & type in "telnet x.x.x.x" where x.x.x.x is the IP address of the router that you have configured, see if can get into the router.

If you can, type in "enable" & it will prompt you for a password, type in the password & you will a # sign. Type "show run" there

This is a long output, you would need to keep pressing "Space" untill it ends,

then copy the whole o/p

Still not complete ....Do you have a console cable..Its a blue cable that comes with the router ...??

If yes, you can connect that cable to your computer & router's console port..

Capture the o/p using the following link:

http://www.cisco.com/en/US/products/hw/routers/ps233/products_tech_note09186a00800a6bc0.shtml

Amit, thank you for your time. No, I don't have the cable anymore, but what I've provided you was from the telnet promt from Cisco Telnet window which is located on Cisco SDM express.  I could start over from your original process and see if I get more.

Authorized access only!

Disconnect IMMEDIATELY if you are not an authorized user!

User Access Verification

Username: mcalpin1

Password:

% Password expiration warning.

-----------------------------------------------------------------------

Cisco Router and Security Device Manager (SDM) is installed on this device and

it provides the default username "cisco" for  one-time use. If you have already

used the username "cisco" to login to the router and your IOS image supports the

"one-time" user option, then this username has already expired. You will not be

able to login to the router with this username after you exit this session.

It is strongly suggested that you create a new username with a privilege level

of 15 using the following command.

username privilege 15 secret 0

Replace and with the username and password you want to

use.

-----------------------------------------------------------------------

yourname#enable

yourname#show run

Building configuration...

Current configuration : 6082 bytes

!

version 12.4

no service pad

service tcp-keepalives-in

service tcp-keepalives-out

service timestamps debug datetime msec localtime show-timezone

service timestamps log datetime msec localtime show-timezone

service password-encryption

service sequence-numbers

!

hostname yourname

!

boot-start-marker

boot-end-marker

!

logging buffered 51200

logging console critical

enable secret 5 $1$X2gD$5wyK6VsADhUU1T5wBkVIp0

!

no aaa new-model

clock timezone PCTime -8

clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00

!

crypto pki trustpoint TP-self-signed-2356464123

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-2356464123

revocation-check none

rsakeypair TP-self-signed-2356464123

!

!

crypto pki certificate chain TP-self-signed-2356464123

certificate self-signed 01

  3082024F 308201B8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030

  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274

  69666963 6174652D 32333536 34363431 3233301E 170D3038 30363133 32303238

  34395A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649

  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 33353634

  36343132 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281

  8100D31D BC8A9833 FAFE8A90 5DDBE9BD 74856849 F8DED59A B3AC0CF0 15D31374

  D407A5D1 A14ED44D 2C15D488 CB48B0B0 77C7F2F7 74C85640 239D3D1F 54BF9644

  0D15C16A C9996587 E809E9D0 981A491A A07C621D 6A9A7CE5 1DFDAAA5 149913E6

  8587A81E FEBC7D41 0D67951B BBE22CD8 C11BE766 B70EABCA 371D9DFB A610F3B4

  50AB0203 010001A3 77307530 0F060355 1D130101 FF040530 030101FF 30220603

  551D1104 1B301982 17796F75 726E616D 652E796F 7572646F 6D61696E 2E636F6D

  301F0603 551D2304 18301680 148BD858 50EA1EF8 F26A67C4 BD2F4A5A AD284D78

  84301D06 03551D0E 04160414 8BD85850 EA1EF8F2 6A67C4BD 2F4A5AAD 284D7884

  300D0609 2A864886 F70D0101 04050003 81810025 4B7A3BEB F7BCFE63 DF266DB1

  35C70156 52FA7E6D 6929A014 C44D7029 812EC0FA 99045D0F 1CCEA38E F7803423

  98D3DD4E 61B778CB 7416289B 31F56A27 82DC71B6 63301A11 F3ABF828 F98DA9DF

  DAC1E879 12F9F480 BDA29277 03F0A803 9546F83C D56B165C F1D9B4F7 B0F2E2EC

  F33F4B13 53D0D1C7 48F6E7FB 5452331A 026E34

        quit

dot11 syslog

!

dot11 ssid flower2

   vlan 1

   authentication open

   guest-mode

!

no ip source-route

no ip dhcp use vrf connected

ip dhcp excluded-address 10.10.10.1

!

ip dhcp pool sdm-pool1

   import all

   network 10.10.10.0 255.255.255.0

   default-router 10.10.10.1

!

!

ip cef

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

no ip bootp server

no ip domain lookup

ip domain name yourdomain.com

!

!

!

username mcalpin1 privilege 15 secret 5 $1$oYCa$JwJpDMPBCI89FYcc9vgwQ0

!

!

archive

log config

  hidekeys

!

!

ip tcp synwait-time 10

ip ssh time-out 60

ip ssh authentication-retries 2

!

bridge irb

!

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

!

interface FastEthernet4

description $FW_OUTSIDE$$ES_WAN$

ip address dhcp client-id FastEthernet4

no ip redirects

no ip unreachables

no ip proxy-arp

ip nat outside

ip virtual-reassembly

ip route-cache flow

duplex auto

speed auto

!

interface Dot11Radio0

no ip address

!

encryption vlan 1 key 1 size 128bit 7 3821D66C62193F7BD0B9F0495A6A transmit-key

encryption vlan 1 mode wep mandatory

!

ssid flower2

!

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0

54.0

station-role root

!

interface Dot11Radio0.1

encapsulation dot1Q 1 native

no cdp enable

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 spanning-disabled

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

!

interface Vlan1

description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_INSIDE$

no ip address

bridge-group 1

!

interface BVI1

ip address 10.10.10.1 255.255.255.0

ip nat inside

ip virtual-reassembly

ip tcp adjust-mss 1452

!

ip forward-protocol nd

!

ip http server

ip http access-class 23

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

ip nat inside source list 1 interface FastEthernet4 overload

ip nat inside source static tcp 10.10.10.17 80 interface FastEthernet4 80

ip nat inside source static tcp 10.10.10.17 443 interface FastEthernet4 443

ip nat inside source static udp 10.10.10.17 4125 interface FastEthernet4 4125

ip nat inside source static tcp 10.10.10.17 8080 interface FastEthernet4 8080

!

logging trap debugging

access-list 1 remark INSIDE_IF=BVI1

access-list 1 remark SDM_ACL Category=2

access-list 1 permit 10.10.10.0 0.0.0.255

access-list 100 remark SDM_ACL Category=128

access-list 100 permit ip host 255.255.255.255 any

access-list 100 permit ip 127.0.0.0 0.255.255.255 any

no cdp run

!

control-plane

!

bridge 1 protocol ieee

bridge 1 route ip

banner exec ^C

% Password expiration warning.

-----------------------------------------------------------------------

Cisco Router and Security Device Manager (SDM) is installed on this device and

it provides the default username "cisco" for  one-time use. If you have already

used the username "cisco" to login to the router and your IOS image supports the

"one-time" user option, then this username has already expired. You will not be

able to login to the router with this username after you exit this session.

It is strongly suggested that you create a new username with a privilege level

of 15 using the following command.

username privilege 15 secret 0

Replace and with the username and password you want to

use.

-----------------------------------------------------------------------

^C

banner login ^CAuthorized access only!

Disconnect IMMEDIATELY if you are not an authorized user!^C

!

line con 0

login local

no modem enable

transport output telnet

line aux 0

login local

transport output telnet

line vty 0 4

privilege level 15

login local

transport input telnet ssh

!

scheduler max-task-time 5000

scheduler allocate 4000 1000

scheduler interval 500

end

yourname#

Ok, let me confirm the objective. You have an internet camera whose IP address is 10.10.10.40 & you want to access it from internet using port 80. So, from internet, when you try to access it using the public IP at port 80, that is being given by your ISP, you want to get connected to your camera.

Here's something conflicting:

ip nat inside source static tcp 10.10.10.17 80 interface FastEthernet4 80

You are already using port 80 with 10.10.10.17.

You could use a different port from internet to connect to the camera on inside.

All you have to do is to add the following lines to the configuration:

On the # sign, copy/paste the following three lines:

config t

ip nat inside source static tcp 10.10.10.17 80 interface FastEthernet4 8000

end

Now, check if you could connect to internet camera from internet using the Public IP that is being given by your ISP on port 8000.

If you want to see what public IP you are currently using type in "show ip int br fa4" on # sign & you will see the IP address.

good luck

if helpful Rate

Whats given now.. you have my data above

- I can see my outside camera on my internal network on 10.10.10.40

- No one from the WWW can see this camera view. 

- The ISP hasn't provided me any data or ports at this time.

I would like to see my camera from any location from the world without using an username password.  I would like for you to see my outside view via a domain address. 

SHould I still follow your process?

Is your ISP resolving the domain name for you? What domain name are you using?

How were you using this camera earlier? Any other router?

With the configuration that I suggested, you should able to view the camera from WWW by using http://Public IP address of router/8000

Please confirm that you could do it.

I can use any of the many domain names I own.. I will use http://backyardgardener.com/

I thought the camera was accessable via the WWW, but come to find out it was only internal.  I have the same router.

I will verify your process.

yourname#config t

Enter configuration commands, one per line.  End with CNTL/Z.

yourname(config)#

yourname(config)#$static tcp 10.10.10.17 80 interface FastEthernet4 8000

yourname(config)#

yourname(config)#end

yourname#config t

Enter configuration commands, one per line.  End with CNTL/Z.

yourname(config)#$static tcp 10.10.10.17 80 interface FastEthernet4 8000

yourname(config)#end

yourname#show ip int br fa4

Interface                  IP-Address      OK? Method Status                Prot

ocol

FastEthernet4              131.191.17.48   YES DHCP   up                    up

yourname#

I've tried several ip numeric ip addresses with /8000 via  web browser and I'm unsuccessful in viewing the camera.  At least I'm trying... I hope I don't have to shelf this router and buy another router to that allows me to port forward and view my camera via the WWW.  

From my exp, this router works pretty well for port forwarding. My bad..It should have been:

http://131.191.17.48:8000

I tried connecting to it, it doesn't work. Are you sure that port 80 is the only one that you need to forward? What are the specifications of this camera (company, make, model no. etc.)?

What is 10.10.10.17 device?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: