cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
554
Views
0
Helpful
2
Replies
Beginner

having problems opening port 25

Hi all,

I've been trying to get port 25 opened on a cisco series 800a router this morning.

ive enter the command ( ip nat inside source static tcp 192.168.13.3 25 interface Dialer1 25) however it still fails to work.  just wondering if anyone can see anything silly that i'm not doing?  i've copied the config of the router below also.

Current configuration : 3250 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname wrda
!
no logging buffered
enable secret 5 $1$VgYW$tV3bUuGAww3abm9lEPucn/
!
username wrda password 7 11081D161B13080F016E6F
username helpdesk privilege 15 secret 5 $1$zXu7$d3qnvx1h/ygGlkKngfoyz.
username gerard privilege 15 password 7 141017190D162E

ip subnet-zero
ip name-server 213.120.62.97
ip name-server 213.120.62.98
!
ip inspect name myfw cuseeme timeout 3600
ip inspect name myfw ftp timeout 3600
ip inspect name myfw rcmd timeout 3600
ip inspect name myfw realaudio timeout 3600
ip inspect name myfw smtp timeout 3600
ip inspect name myfw tftp timeout 30
ip inspect name myfw udp timeout 15
ip inspect name myfw tcp timeout 3600
ip inspect name myfw h323 timeout 3600
ip audit notify log
ip audit po max-events 100
!
!
!
!
interface Ethernet0
description CRWS Generated text. Please do not delete this:192.168.13.1-255.255
.255.0
ip address 192.168.13.1 255.255.255.0
ip access-group 122 out
ip nat inside
no ip mroute-cache
hold-queue 100 out
!
interface ATM0
no ip address
no ip mroute-cache
atm vc-per-vp 64
no atm ilmi-keepalive
pvc 0/38
  encapsulation aal5mux ppp dialer
  dialer pool-member 1
!
dsl operating-mode auto
dsl power-cutback 0
hold-queue 224 in
!
interface Dialer0
no ip address
!
interface Dialer1
ip address negotiated
ip access-group 111 in
ip nat outside
ip inspect myfw out
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname A020709@hg20.btclick.com
ppp chap password 7 (PASSWORD)
ppp pap sent-username A020709@hg20.btclick.com password 7 (PASSWORD)
!
ip nat inside source list 102 interface Dialer1 overload
ip nat inside source static tcp 192.168.13.3 443 interface Dialer1 443
ip nat inside source static tcp 192.168.13.3 25 interface Dialer1 25
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
ip http server
!
!
access-list 102 permit ip 192.168.13.0 0.0.0.255 any
access-list 111 permit tcp any any eq telnet
access-list 111 permit icmp any any administratively-prohibited
access-list 111 permit icmp any any echo
access-list 111 permit icmp any any echo-reply
access-list 111 permit icmp any any packet-too-big
access-list 111 permit icmp any any time-exceeded
access-list 111 permit icmp any any traceroute
access-list 111 permit icmp any any unreachable
access-list 111 permit udp any eq bootps any eq bootpc
access-list 111 permit udp any eq bootps any eq bootps
access-list 111 permit udp any eq domain any
access-list 111 permit esp any any
access-list 111 permit udp any any eq isakmp
access-list 111 permit udp any any eq 10000
access-list 111 permit tcp any any eq 1723
access-list 111 permit tcp any any eq 139
access-list 111 permit udp any any eq netbios-ns
access-list 111 permit udp any any eq netbios-dgm
access-list 111 permit gre any any
access-list 111 deny   ip any any
access-list 122 deny   tcp any any eq telnet
access-list 122 permit ip any any
dialer-list 1 protocol ip permit
!
line con 0
exec-timeout 120 0
login local
no modem enable
stopbits 1
line aux 0
stopbits 1
line vty 0 4
exec-timeout 120 0
login local
length 0
!
scheduler max-task-time 5000
end

wrda#

thanks for any help in advance.

Gerard

Everyone's tags (5)
1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Guru

Re: having problems opening port 25

Gerard

You have setup the NAT but you have not allowed the access in your acl ie. acl 111. You need to add a line allowing tcp access for port 25. Make sure when you add it that it goes above the last line in the acl ie. the "deny ip any any"

Jon

View solution in original post

2 REPLIES 2
Hall of Fame Guru

Re: having problems opening port 25

Gerard

You have setup the NAT but you have not allowed the access in your acl ie. acl 111. You need to add a line allowing tcp access for port 25. Make sure when you add it that it goes above the last line in the acl ie. the "deny ip any any"

Jon

View solution in original post

Highlighted
Beginner

Re: having problems opening port 25

Hi

Thanks for you reply.  i got it fixed :-D

I removed the commands i had inserted initially and used this command:

ip nat inside source static tcp 25 25 extendable

Thanks again

Gerard

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards