Telnet and SSH to Secondary Router

123Cisco · ‎05-16-2020

i have a lab setup with 3 Cisco routers. The first router has no problem with telnet and ssh from a remote location. What i need is to telnet to the two other routers. I have tried static routing to a specific port for telnet on both routers and used telnet {ip address}{port} but was not successful. Both routers are connected to the first router and has internet access.

Giuseppe Larosa · ‎05-16-2020

Hello @123Cisco ,

you have an issue with NAT and PAT port based NAT.

You can reach the primary router using SSH on the public WAN interface IP address and this address is likely the only public IP address available.

In this way to be able to create an SSH session with an internal router you need to play with TCP ports and NAT/PAT

You can create a NAT static statement for a different port like 2222 that maps to the internal address of secondary router TCP port 22.

In the same way you can create another statement for port for example 2223 to reach the third router.

ip nat source static tcp <public-ipaddress> 2222 <secondary-router-private-address> 22

Hope to help

Giuseppe

123Cisco · ‎05-16-2020

You were correct. The problem was with the static route. I was routing port 2222 to port 2222.
But the static translation command you mentioned seemed to be incorrect.
its : ip nat inside source static tcp <secondary router private address> 23 <Public address> 2222. This worked for me. I used 23 since telnet uses port 23

Thanks.

Giuseppe Larosa · ‎05-17-2020

Hello @123Cisco ,

I am sorry for the incorrect syntax of the suggested command I have tried to answer on the fly.

I am happy that you have solved your issue.

Best Regards

Giuseppe