cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
804
Views
0
Helpful
0
Replies

Port Forward in Cisco series 800

Dear Support

 

below the configuration of Cisco Series 800 Router that Has VDSL  port of internet , the configuration as below : 

i add three command

 

what is required in order to make port forward

 

ip nat inside source static tcp  8000 10.10.10.10 8000 dilar 0

ip nat inside source static tcp 554  10.10.10.10 554 dilar 0

ip access list extended 100

permit ip any any

what is required to make port forward to the local ip address 10.10.10.10 from outside interface that is VDSL port ?

 

!
! Last configuration change at 10:47:44 KSA Wed Apr 22 2015 by aamalsup
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime
service password-encryption
!
hostname AamalNet
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
enable secret level 2 5 $1$Y4PF$K6TQ5wf0gcHiO5IxvLZba0
enable secret level 5 5 $1$WZeO$BzTCl0C0e1078CWxExJK0/
enable secret 5 $1$plq6$P5HVL/tR81cs0GFDrD.0V/
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication login sdm_vpn_xauth_ml_1 local
aaa authentication login sdm_vpn_xauth_ml_2 local
aaa authorization exec default local
aaa authorization network sdm_vpn_group_ml_1 local
!
!
!
!
!
aaa session-id common
clock timezone KSA 3 0
!
crypto pki trustpoint TP-self-signed-1682106276
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-1682106276
 revocation-check none
 rsakeypair TP-self-signed-1682106276
!
!
crypto pki certificate chain TP-self-signed-1682106276
 certificate self-signed 02
  30820250 308201B9 A0030201 02020102 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 31363832 31303632 3736301E 170D3032 30333031 30303038
  35315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 36383231
  30363237 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100C2F3 49897460 71FEB259 7794B7C6 D398958A 2D338F0F C69F0E75 1137B16C
  C261A275 8416DAF6 FC19AA6E 50024019 66CE4DB8 3AFAB6FE CE892B42 86A93490
  97259E47 D740B2F4 9AA2D307 7B676841 2CAAA879 D945A6FD 717B507F 77399332
  1644CEDE 884BF133 ACFBBC80 9869A104 54CC3EEE 9D521378 EC762D86 C3F0ABC9
  CA990203 010001A3 78307630 0F060355 1D130101 FF040530 030101FF 30230603
  551D1104 1C301A82 18417761 6C416D61 6C792E61 77616C6E 65742E6E 65742E73
  61301F06 03551D23 04183016 80149ADD A651C9F9 F8369354 5C904777 090FEB75
  72E0301D 0603551D 0E041604 149ADDA6 51C9F9F8 3693545C 90477709 0FEB7572
  E0300D06 092A8648 86F70D01 01040500 03818100 50ACCA98 1A5FCCAD FC61D703
  A8589B02 AFB8CD47 BD1CC7B0 B095C97F AA0604A8 F8495053 C8A9CBB9 644F5674
  318A7AA0 873250AD 1DE28CE2 BE21ED19 BF212CF7 E2A97CFB FFA62F1E 643CEDFE
  90D02109 719FD4D3 98E6C40B D61CE89C D2426C1E 3CBD9FBE 397F7F7C F1DD279E
  14F8BB2D ABFA784B 6E04274B EDCBFC8F A805E91D
      quit
ip cef
!
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 10.10.11.1
!
ip dhcp pool lan
 import all
 network 10.10.10.0 255.255.255.0
 default-router 10.10.10.1
 dns-server 212.93.192.4 212.93.192.5
 lease 0 2
!
ip dhcp pool wireless
 import all
 network 10.10.11.0 255.255.255.0
 default-router 10.10.11.1
 dns-server 212.93.192.4 212.93.192.5
 lease 0 2
!
!
!
no ip domain lookup
ip domain name aamal.net.sa
ip name-server 212.93.192.4
ip name-server 212.93.192.5
no ipv6 cef
!
!
cwmp agent
 enable download
 enable
 session retry limit 10
 management server password 7 094D4308151612001D05072F
 management server url http://aamalservice.aamal.net.sa:9090
!
license udi pid C887VA-W-E-K9 sn FCZ17459018
!
!
archive
 log config
  hidekeys
username k privilege 15 password 7 020D
username admin privilege 15 password 7 14161606050A
!
!
!
!
!
controller VDSL 0
!
!
!
crypto isakmp policy 1
 encr 3des
 authentication pre-share
 group 2
!
crypto isakmp client configuration group aamalnet
 key aamalnet
 dns 212.93.192.4 212.93.192.5
 include-local-lan
 dhcp server 10.10.10.1
 max-users 10
 netmask 255.255.255.0
crypto isakmp profile sdm-ike-profile-1
   match identity group aamalnet
   client authentication list sdm_vpn_xauth_ml_2
   isakmp authorization list sdm_vpn_group_ml_1
   client configuration address respond
   virtual-template 1
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
 mode tunnel
!
crypto ipsec profile SDM_Profile1
 set security-association idle-time 60
 set transform-set ESP-3DES-SHA
 set isakmp-profile sdm-ike-profile-1
!
!
!
bridge irb
!
!
!
!
interface ATM0
 no ip address
 no atm ilmi-keepalive
!
interface ATM0.1 point-to-point
 pvc 0/35
  pppoe-client dial-pool-number 1
 !
!
interface Ethernet0
 no ip address
 shutdown
!
interface FastEthernet0
 no ip address
!
interface FastEthernet1
 no ip address
!
interface FastEthernet2
 no ip address
!
interface FastEthernet3
 no ip address
!
interface Virtual-Template1 type tunnel
 ip unnumbered Dialer0
 tunnel mode ipsec ipv4
 tunnel protection ipsec profile SDM_Profile1
!
interface Wlan-GigabitEthernet0
 description Internal switch interface connecting to the embedded AP
 switchport mode trunk
 no ip address
!
interface wlan-ap0
 description Embedded Service module interface to manage the embedded AP
 ip unnumbered Vlan1
!
interface Vlan1
 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
 ip address 10.10.10.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
 ip tcp adjust-mss 1452
!
interface Vlan2
 no ip address
 bridge-group 2
!
interface Dialer0
 ip address negotiated
 ip mtu 1452
 ip nat outside
 ip virtual-reassembly in
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 ppp authentication chap callin
 ppp chap hostname 38356690@1mb.aamal.net.sa
 ppp chap password 7 0007145E2E5A05522E1858
 no cdp enable
!
interface BVI2
 ip address 10.10.11.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
!
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip nat inside source list 1 interface Dialer0 overload
ip route 0.0.0.0 0.0.0.0 Dialer0
!
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.255
access-list 1 permit 10.10.11.0 0.0.0.255
access-list 23 permit 212.93.196.0 0.0.0.255
access-list 23 permit 212.93.192.0 0.0.0.255
access-list 23 permit 212.93.193.0 0.0.0.255
access-list 23 permit 10.10.10.0 0.0.0.255
access-list 23 permit 10.10.11.0 0.0.0.255
dialer-list 1 protocol ip permit
no cdp run
!
snmp-server community private RW
snmp-server community public RO
!
!
bridge 1 protocol ieee
bridge 1 route ip
bridge 2 protocol ieee
bridge 2 route ip
!
privilege interface level 5 encapsulation
privilege interface level 5 description
privilege interface level 5 no encapsulation
privilege interface level 5 no description
privilege interface level 5 no
privilege configure level 5 ip route
privilege configure level 5 interface
privilege configure level 5 controller
privilege configure level 5 ip
privilege exec level 5 copy running-config tftp
privilege exec level 5 copy running-config
privilege exec level 5 copy
privilege exec level 5 write memory
privilege exec level 5 write
privilege exec level 5 configure terminal
privilege exec level 5 configure
privilege exec level 5 show processes cpu
privilege exec level 5 show processes
privilege exec level 2 show running-config
privilege exec level 5 show configuration
privilege exec level 2 show
privilege exec level 5 clear counters
privilege exec level 5 clear
banner exec


CC
% Password expiration warning.
-----------------------------------------------------------------------
 

 

Cisco Router and Security Device Manager (SDM) is installed on this device and
it provides the default username "cisco" for  one-time use. If you have already
used the username "cisco" to login to the router and your IOS image supports the
 

"one-time" user option, then this username has already expired. You will not be
able to login to the router with this username after you exit this session.
 

It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
 

username <myuser> privilege 15 secret 0 <mypassword>
 

Replace <myuser> and <mypassword> with the username and password you want to
use.
 

-----------------------------------------------------------------------



banner login


CC
-----------------------------------------------------------------------
********STC AamalNet Service****************************************
********Authorize Access Only. For more Support Call 909************
-----------------------------------------------------------------------



!
line con 0
 privilege level 15
 no modem enable
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport input all
 stopbits 1
line vty 0 4
 access-class 23 in
 privilege level 2
 transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 20000 1000
!
end
 

 

0 Replies 0