
Open local port.

digbym650
Level 1

Hello,

I have a Linux computer and a Windows computer on local ports connected via a Cisco 887VAW.

I have an rsh daemon (runs on TCP port 514) running on the Linux computer.

When I send a command from the Windows computer to the rsh daemon on the Linux computer, the command is never received. I tried another router and it works without a problem.

I am guessing I have to open port 514 for rsh local traffic on the router and possibly the firewall. I was wondering if anyone could tell me how to do this? Here is my router configuration:

version 15.2
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime
service timestamps log datetime msec localtime
service password-encryption
!
hostname MyRouter
!
boot-start-marker
boot-end-marker
!
!
logging buffered 65535
logging console informational
enable password 7 password1
!
aaa new-model
!
!
aaa authentication banner ^CUnauthorized Access Prohibited^C
aaa authentication fail-message ^CFailed login. Try again.^C
aaa authentication login default local
aaa authentication enable default enable
aaa authentication ppp default local
aaa authorization exec default local
!
aaa session-id common
memory-size iomem 10
clock timezone mytimezone 1
clock mytimezone recurring 1
!
no ip source-route
ip cef
!
ip dhcp excluded-address 10.0.0.1 10.0.0.101
ip dhcp excluded-address 10.0.0.115 10.0.0.254
!
ip dhcp pool MyLinuxComputer
 host 10.0.0.102 255.255.255.0
 client-identifier 01macaddress1
 default-router 10.0.0.101
 dns-server dnsserver1 dnsserver2
 lease infinite
!
ip dhcp pool MyWindowsComputer
 host 10.0.0.103 255.255.255.0
 client-identifier 01macaddress2
 default-router 10.0.0.101
 dns-server dnsserver1 dnsserver2
 lease infinite
!
no ip bootp server
ip domain name ispdomain
ip name-server dnsserver1
ip name-server dnsserver2
ip inspect name FW udp
ip inspect name FW icmp
ip inspect name FW http
ip inspect name FW https
ip inspect name FW login
ip inspect name FW netstat
ip inspect name FW rtelnet
ip inspect name FW shell
ip inspect name FW ssh
ip inspect name FW sshell
ip inspect name FW snmp
ip inspect name FW syslog
ip inspect name FW telnet
ip inspect name FW telnets
ip inspect name FW tftp
ip inspect name FW ftp
no ipv6 cef
!
parameter-map type inspect global
 log dropped-packets enable
 max-incomplete low 500
 max-incomplete high 600
 spoofed-acker off
!
license udi pid C887VA-W-A-K9 sn serialnumber
!
archive
 log config
  hidekeys
username username1 privilege 15 password 7 password1

!
controller VDSL 0
 operating mode adsl2+ annex M
!

ip ssh time-out 90
ip ssh authentication-retries 2
!
!
interface ATM0
 description --- ADSL ---
 no ip address
 no atm ilmi-keepalive
 pvc 8/35
  tx-ring-limit 3
  encapsulation aal5snap
  pppoe-client dial-pool-number 1
 !
!
interface Ethernet0
 no ip address
 shutdown
!
interface FastEthernet0
 no ip address
!
interface FastEthernet1
 no ip address
!
interface FastEthernet2
 no ip address
!
interface FastEthernet3
 no ip address
!
interface Wlan-GigabitEthernet0
 description Internal switch interface connecting to the embedded AP
 switchport trunk allowed vlan 1,1002-1005
 switchport mode trunk
 no ip address
!
interface wlan-ap0
 description Embedded Service module interface to manage the embedded AP
 ip unnumbered Vlan1
!
interface Vlan1
 description --- Ethernet LAN ---
 ip address 10.0.0.101 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
 ip tcp adjust-mss 1420
!
interface Dialer0
 description --- ADSL ---
 ip address myipaddress 255.255.255.254
 ip access-group 100 in
 ip mtu 1460
 ip nat outside
 ip inspect FW out
 ip virtual-reassembly in
 encapsulation ppp
 ip tcp adjust-mss 1420
 dialer pool 1
 dialer-group 1
 ppp authentication chap callin
 ppp chap hostname username2
 ppp chap password 7 password2
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
ip dns server
no ip nat service sip udp port 5060
ip nat inside source static tcp 10.0.0.102 20 interface Dialer0 20
ip nat inside source static tcp 10.0.0.102 21 interface Dialer0 21
ip nat inside source static tcp 10.0.0.103 25 interface Dialer0 25
ip nat inside source static tcp 10.0.0.103 110 interface Dialer0 110
ip nat inside source list NAT interface Dialer0 overload
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip access-list extended MANAGEMENT
 permit ip 10.0.0.0 0.0.0.255 any
ip access-list extended NAT
 permit ip 10.0.0.0 0.0.0.255 any
!
logging host 10.0.0.102
access-list 100 deny   ip any any
access-list 100 permit ip 10.0.0.0 0.0.0.255 any
no cdp run
!
line con 0
 no modem enable
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport input all
 stopbits 1
line vty 0 4
 access-class MANAGEMENT in
 transport input all
!
scheduler max-task-time 5000
scheduler allocate 20000 1000
sntp server serveraddress
!
end

 

Thanks in advance.

Regards

 

1 Reply

digbym650
Level 1

Problem solved; rsh communication was established by adding the line:

ip nat inside source static tcp 10.0.0.102 514 10.0.0.103 514 extendable
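
An added example, not part of the original posts and not Cisco tooling: a small Python check that reads the static NAT statements and access-list 100 from the posted configuration (plus the line from the reply) and reports, for each forwarded port, where it is published and what ACL 100, applied inbound on Dialer0, does to a new connection from outside. The function names and the outside source address 203.0.113.10 are assumptions made for the example; only `ip` entries with `any` or address/wildcard sources are parsed, and CBAC return-traffic handling (`ip inspect FW out`) is not modelled.

```python
import ipaddress
import re

# Lines copied from the configuration in the post; the last NAT line is the reply's.
CONFIG = """\
ip nat inside source static tcp 10.0.0.102 20 interface Dialer0 20
ip nat inside source static tcp 10.0.0.102 21 interface Dialer0 21
ip nat inside source static tcp 10.0.0.103 25 interface Dialer0 25
ip nat inside source static tcp 10.0.0.103 110 interface Dialer0 110
ip nat inside source static tcp 10.0.0.102 514 10.0.0.103 514 extendable
access-list 100 deny   ip any any
access-list 100 permit ip 10.0.0.0 0.0.0.255 any
"""
NAT = re.compile(r"ip nat inside source static (tcp|udp) (\S+) (\d+) "
                 r"(?:interface (\S+)|(\S+)) (\d+)")
ACL = re.compile(r"access-list (\d+) (permit|deny)\s+ip (any|\S+ \S+) any")

def static_nat(text):
    """(proto, local_ip, local_port, published_on, global_port) per static entry."""
    return [(p, lip, int(lp), iface or gip, int(gp))
            for p, lip, lp, iface, gip, gp in NAT.findall(text)]

def src_matches(spec, src):
    """IOS source spec: 'any' or 'address wildcard' (wildcard 1-bits are ignored)."""
    if spec == "any":
        return True
    addr, wild = (int(ipaddress.IPv4Address(x)) for x in spec.split())
    return ((int(ipaddress.IPv4Address(src)) ^ addr) & ~wild & 0xFFFFFFFF) == 0

def acl_verdict(text, number, src):
    """First matching entry wins; a packet matching no entry hits the implicit deny."""
    for num, action, spec in ACL.findall(text):
        if num == number and src_matches(spec, src):
            return action
    return "deny"

def report(text, outside_src="203.0.113.10"):  # constructed outside source address
    rows = []
    for proto, lip, lport, where, gport in static_nat(text):
        if where == "Dialer0":   # ACL 100 is applied inbound on Dialer0 in the post
            verdict = acl_verdict(text, "100", outside_src)
        else:
            verdict = "n/a"      # not published on the interface ACL 100 guards
        rows.append((f"{lip}:{lport}/{proto}", f"{where}:{gport}", verdict))
    return rows

if __name__ == "__main__":
    for row in report(CONFIG):
        print(*row, sep="  ")
```

Because IOS evaluates access-list entries top-down and stops at the first match, the `deny ip any any` entry decides every packet and the `permit` after it is never reached.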