02-13-2017 06:19 AM - edited 03-05-2019 08:01 AM
Hello
I have a problem with port forwarding.
I use simple 6 yrs old 4/1 port Cisco router (I don't remember model @this moment.
i've added rule:
ip nat inside source static tcp local-ip port global-ip port extendable
and it works from outside (WAN)
but when I'm tryin to
telnet global-ip port
from INSIDE of the network it doesn't work.
When I use simple routers for home users (like D-Link, TPLink etc) and set them to forward port to local machine
it is reachable from INSIDE and OUTSIDE of the network (using OUTSIDE ip address)
What do I have to do to make it working on Cisco router too ?
Best regards
02-13-2017 06:43 AM
Hi
why would you want to telnet to your outside ip address from inside your network and not telnet to a private ip on your network from your LAN is there a reason ?
I would disable telnet and use ssh either way, its unsecure and your password can be seeing in a packet capture
02-13-2017 06:52 AM
Hi
I use telent only for tests / examples.
In the fact there is other service working @this port.
Why to call local machine from inside of the network by external address ?
In this case service working on local machine does self test by callin itself on external adress :(
and I have no option to change it....
best reagrds
02-14-2017 11:49 AM
Any idea ?
03-01-2017 12:46 AM
Hi there tech128,
I had the same problem and got it to work with the help from a friend.
I have to say that I have no deep knowledge of Cisco routers. I have no formal education in networks and maybe my answer won't work for you.
My port-forwarding config when I had the same problem as you:
On interface vlan1: ip nat inside
On interface GigabitEthernet8 (wan port): ip nat outside
ip nat inside source static tcp lan-ip port interface GigabitEthernet8 port
New configuration that works for me just like you want it to:
On interface vlan1: ip nat enable
On interface GigabitEthernet8: ip nat enable
ip nat source static tcp lan-ip port interface GigabitEthernet8 port
I would also like to answer the question from Mark Malone as to why doing this and why do I need it:
I have a NAS running several services and some of them have Android apps to access content and services. On the app I always prefer to configure my domain as host for the service. Otherwise I would have to configure the connection again when I am home and once more when I am on the road. Considering I use really long and complex passwords it was impossible to have access everywhere this way.
Now I configured all apps with my domain as host and I can access both from home and on the road without entering any login information every time.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide