07-27-2020 04:46 AM
Hello all,
when I'm configuring the router (I'm still new to this), I encountered the following problem:
the router is accessible via telnet from local network computers, and I can also use RDP to connect to local network computers from the local network.
But if I try to connect to the router at an external static address (WAN), the router rejects the connection. And I can't configure port forwarding from Internet to local machine 10.1.2.6.
Please advise where to look for the problem.
Thank you in advance
I attached the router configuration:
Building configuration... Current configuration : 1557 bytes |
Solved! Go to Solution.
07-27-2020 06:03 AM
Hello,
try the config below:
ip nat pool INTERNET 176.xxx.xxx.80 -176.xxx.xxx.80 prefix-length 24
ip nat inside source route-map NAT pool INTERNET reversible
!
access-list 1 permit 10.1.2.0 0.0.0.255
!
route-map NAT
match ip address 1
07-27-2020 01:58 PM
Hello,
there is a difference in the configuration for forwarding a range of TCP, and for forwarding a range of UDP ports. For UDP, you need, unfortunately, a single line like the one below:
ip nat inside source static udp 10.1.2.10 3389 176.xxx.xxx.80 3389 extendable
For TCP ports, you can use this:
ip nat pool INTERNET 176.xxx.xxx.80 -176.xxx.xxx.80 netmask 255.255.255.0 type rotary
ip nat inside destination list TCP_PORTS pool INTERNET
!
ip access-list extended TCP_PORTS
permit tcp any any range 1970 1989
07-27-2020 06:03 AM
Hello,
try the config below:
ip nat pool INTERNET 176.xxx.xxx.80 -176.xxx.xxx.80 prefix-length 24
ip nat inside source route-map NAT pool INTERNET reversible
!
access-list 1 permit 10.1.2.0 0.0.0.255
!
route-map NAT
match ip address 1
07-27-2020 07:09 AM
Hi @Georg Pauwen thank you very very much!!!! I'm grateful to you for the solution. The RDP connection from outside works very well.
The only thing I have to finish is to make to work the connection to the router via telnet (port 23) from outside. It isn't alive yet.
07-27-2020 07:27 AM
Hello,
try and configure:
line vty 0 4
--> transport input all
--> transport output all
07-27-2020 07:51 AM
@Georg Pauwen unfortunately I didn't succeed after adding it to line vty 0 4:
transport input all transport output all |
no connection to router from outside via telnet. I used both the putty and the windows telnet client with the same result.
One more additional question from me. Please, don't think me Intrusive.
How can I make a port range forwarding from the Internet to a specific computer on the local network.
I need to forward the range (1970-1989) in addition to 3389 port from Internet to 10.1.2.6 local computer
Great thanks in advance!!!
07-27-2020 01:58 PM
Hello,
there is a difference in the configuration for forwarding a range of TCP, and for forwarding a range of UDP ports. For UDP, you need, unfortunately, a single line like the one below:
ip nat inside source static udp 10.1.2.10 3389 176.xxx.xxx.80 3389 extendable
For TCP ports, you can use this:
ip nat pool INTERNET 176.xxx.xxx.80 -176.xxx.xxx.80 netmask 255.255.255.0 type rotary
ip nat inside destination list TCP_PORTS pool INTERNET
!
ip access-list extended TCP_PORTS
permit tcp any any range 1970 1989
07-28-2020 02:27 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide