05-10-2011 11:52 AM - edited 03-04-2019 12:20 PM
Hi,
I'm trying to setup port forwarding to a citrix server but,
it seems not to be working, can someone please tel me what I'm doing wrong
As you can see I'm using dyndns an I have verified its working by pinging the host ...
Building configuration...
Current configuration : 1998 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname **********
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
dot11 syslog
ip source-route
!
!
!
!
ip cef
ip name-server 208.67.220.220
ip name-server 208.67.222.222
ip ddns update method DYNDNS
HTTP
add http:/**************@members.dyndns.org/nic/updatesystem=dyndns&hostname=<h>&myip=<a>
interval maximum 0 2 0 0
!
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
username *********** privilege 15 password 0 ***************
archive
log config
hidekeys
!
!
!
!
!
!
!
!
interface FastEthernet0/0
description INTERNAL_INTERFACE
ip address 192.168.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface ATM0/0/0
description ADSL_INTERFACE
no ip address
ip mask-reply
ip directed-broadcast
ip flow ingress
no atm ilmi-keepalive
pvc 8/35
pppoe-client dial-pool-number 1
!
!
interface ATM0/1/0
no ip address
shutdown
no atm ilmi-keepalive
!
interface Dialer0
ip ddns update hostname *****************.dyndns.biz
ip ddns update DYNDNS
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
ppp authentication chap callin
ppp chap hostname *************************
ppp chap password 0 ****************
ppp pap sent-username **************** password 0 *******************
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
no ip http server
ip http authentication local
no ip http secure-server
!
!
ip nat inside source list INTERNET interface Dialer0 overload
ip nat inside source static tcp 192.168.0.247 443 interface Dialer0 443
!
ip access-list extended INTERNET
permit ip any any
!
!
!
!
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line vty 0 4
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
end
05-10-2011 12:26 PM
Hi,
Your configuration looks good to me. Please post the output of "show ip nat transalation | include 192.168.0.247" when you're connecting from the internet to this server. I just wanna make sure how NAT works for this entry. Can you connect this server within Lan segment while testing?
Just note for you : You should get a problem when trying to manage this router from the internet. I'd change the ACL below:
!
ip access-list extended INTERNET
no permit ip any any
permit ip 192.168.0.0 0.0.0.255 any
!
HTH,
Toshi
05-10-2011 12:35 PM
We do have a netgear router configured and that works...I can connect from the internal lan though.
I will post the results tomorrow.
Thanks for the reply
05-10-2011 12:43 PM
Hi,
I think you might need the following command to get Citrix work.
Please try this:
!
interface Dialer0
ip tcp adjust-mss 1380
!
HTH,
Toshi
05-10-2011 01:23 PM
Thanks I'll give that a go...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide