10-26-2021 01:42 AM
Hello all,
I have a Cisco 2911 router with a public IP enabled.
I am able to connect to my router through PuTTY SSH using my private IP, and it works fine.
But when I try to connect the router using public IP from outside the network, it says "Network error: Connection refused".
Here is some information about router configuration for your reference:
#show version
Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.4(3)M1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2014 by Cisco Systems, Inc.
Compiled Sat 25-Oct-14 03:34 by prod_rel_team
ROM: System Bootstrap, Version 15.0(1r)M6, RELEASE SOFTWARE (fc1)
DeaJon1 uptime is 5 days, 23 hours, 14 minutes
System returned to ROM by reload at 09:34:10 UTC Wed Oct 20 2021
System image file is "flash0:c2900-universalk9-mz.SPA.154-3.M1.bin"
Last reload type: Normal Reload
Last reload reason: Reload Command
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
Cisco CISCO2911/K9 (revision 1.0) with 483328K/40960K bytes of memory.
Processor board ID FTX1427AHQ4
3 Gigabit Ethernet interfaces
1 terminal line
8 Voice FXO interfaces
DRAM configuration is 64 bits wide with parity enabled.
255K bytes of non-volatile configuration memory.
254464K bytes of ATA System CompactFlash 0 (Read/Write)
License Info:
License UDI:
-------------------------------------------------
Device# PID SN
-------------------------------------------------
*1 CISCO2911/K9 FTX1427AHQ4
Technology Package License Information for Module:'c2900'
------------------------------------------------------------------------
Technology Technology-package Technology-package
Current Type Next reboot
------------------------------------------------------------------------
ipbase ipbasek9 Permanent ipbasek9
security None None None
uc uck9 Permanent uck9
data None None None
NtwkEss None None None
CollabPro None None None
Configuration register is 0x2101
#show ip ssh
SSH Enabled - version 2.0
Authentication methods: publickey, keyboard-interactive, password
Authentication timeout: 120 secs; Authentication retries: 3
Minimum expected Diffie Hellman key size : 1024 bits
IOS Keys in SECSH format(ssh-rsa, base64 encoded):
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCMueDzv0jZEIG/sbuDnTka5Td3cbnMo8XyPFkfR0ND
sD+RB+czPka7Xayj/9UvjficXJ6nabvBmpXvysZDrKiC4VEncBh6iG10QzZqnANhHLyMv3hjONhJW94W
5qEeYvRhLJG1689mTmrwX3aBSqF4vSH1auzRKW5+maKAaZmhcw==
#show run | s line
line con 0
exec-timeout 0 0
---------------
line aux 0
---------------
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
---------------
line vty 0 4
login local
transport input all
# show run (ip nat details)
ip nat pool NAT_POOL X.X.X.X X.X.X.X netmask X.X.X.X
ip nat inside source list 10 pool NAT_POOL overload
ip route X.X.X.X X.X.X.x X.X.X.X
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 dhcp
Please help and thanks in advance.
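Added example (not part of the original post and not Cisco tooling): the `show ip ssh` and `line vty` output pasted above can be checked offline for settings that matter once the router's SSH service is reachable on a public IP. The function names and the 2048-bit baseline are assumptions of this example; the sample input is the output copied from the post.

```python
import base64
import re
import struct

# Output copied from the post above ("show ip ssh" and the vty lines).
SHOW_IP_SSH = """\
SSH Enabled - version 2.0
Authentication methods: publickey, keyboard-interactive, password
Authentication timeout: 120 secs; Authentication retries: 3
Minimum expected Diffie Hellman key size : 1024 bits
IOS Keys in SECSH format(ssh-rsa, base64 encoded):
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCMueDzv0jZEIG/sbuDnTka5Td3cbnMo8XyPFkfR0ND
sD+RB+czPka7Xayj/9UvjficXJ6nabvBmpXvysZDrKiC4VEncBh6iG10QzZqnANhHLyMv3hjONhJW94W
5qEeYvRhLJG1689mTmrwX3aBSqF4vSH1auzRKW5+maKAaZmhcw==
"""
VTY_CONFIG = "line vty 0 4\n login local\n transport input all\n"
MIN_BITS = 2048  # assumed baseline for this example, not a value from the thread

def rsa_modulus_bits(show_ip_ssh):
    """Bit length of the RSA host key printed in SECSH format by 'show ip ssh'."""
    m = re.search(r"^ssh-rsa ([A-Za-z0-9+/=]+(?:\n[A-Za-z0-9+/=]+$)*)", show_ip_ssh, re.M)
    blob = base64.b64decode("".join(m.group(1).split()))
    fields = []
    while blob:  # RFC 4253 encoding: uint32 length, then that many bytes
        (size,) = struct.unpack(">I", blob[:4])
        fields.append(blob[4:4 + size])
        blob = blob[4 + size:]
    key_type, _exponent, modulus = fields
    if key_type != b"ssh-rsa":
        raise ValueError("not an RSA key")
    return int.from_bytes(modulus, "big").bit_length()

def audit(show_ip_ssh, vty_config):
    """Return hardening findings for the SSH and vty settings."""
    findings = []
    bits = rsa_modulus_bits(show_ip_ssh)
    if bits < MIN_BITS:
        findings.append(f"RSA host key is {bits} bits")
    dh = re.search(r"Diffie Hellman key size\s*:\s*(\d+)", show_ip_ssh)
    if dh and int(dh.group(1)) < MIN_BITS:
        findings.append(f"DH minimum is {dh.group(1)} bits")
    # Each block runs from a "line vty" header to the next "line ..." header.
    for block in re.findall(r"(?ms)^line vty.*?(?=^line |\Z)", vty_config):
        name = block.splitlines()[0]
        transport = re.search(r"transport input (.+)", block)
        if not transport or transport.group(1).split() != ["ssh"]:
            findings.append(f"{name}: transport input not explicitly limited to ssh")
        if "access-class" not in block:
            findings.append(f"{name}: no access-class restricting source addresses")
    return findings
```

Calling `audit(SHOW_IP_SSH, VTY_CONFIG)` on the posted output reports a 1024-bit RSA host key, a 1024-bit DH minimum, and a vty block that accepts every transport with no source restriction. The corresponding IOS settings are `crypto key generate rsa modulus 2048`, `ip ssh dh min size 2048`, `transport input ssh` and an `access-class ... in` on the vty lines.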
10-26-2021 01:58 AM
Hi there,
Are there any ACLs configured on Gi0/0?
cheers,
Seb.
10-26-2021 02:25 AM
Hi Seb,
More information here:
interface GigabitEthernet0/0
ip address dhcp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
ip address X.X.X.X 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
h323-gateway voip interface
h323-gateway voip bind srcaddr X.X.X.X
!
!
ip nat pool NAT_POOL X.X.X.X X.X.X.X netmask 255.255.255.0
ip nat inside source list 10 pool NAT_POOL overload
ip route X.X.X.X 255.255.255.0 X.X.X.X
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 dhcp
!
!
!
access-list 10 permit X.X.X.X 0.0.0.255
!
10-28-2021 10:29 PM
Hi Seb,
I have not solved this problem yet, any advice?
10-28-2021 11:46 PM
Hello,
Your router supports SSH version 2 only:
--> SSH Enabled - version 2.0 (version 1.99 would mean it is backwards compatible with version 1).
Make sure you use the very latest version of PuTTY (link below):
https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html
You could also try to zeroize and regenerate the crypto key, that often helps:
crypto key zeroize
crypto key generate
10-29-2021 12:31 AM
Hi Mr. Georg,
Thanks for attending to my question.
1. I am using the latest version of PuTTY; I even uninstalled PuTTY and reinstalled it from the given link.
2. As you suggested, I have regenerated the crypto key.
But the problem still exists; I am not able to access my router using the public IP.
Any other options, please?
Thanks again.
11-11-2021 10:57 PM
Hello All,
An IOS update has fixed this issue.
The previous version was "15.4(3)M1" and I have updated it to "15.7(3)M8".
Now I am able to SSH to the router using its public IP address.
Thanks.