cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
749
Views
0
Helpful
1
Replies

Port Forwarding Cisco 1841 issue

paullenic
Level 1
Level 1

Good day,

I have a cisco 1841. I have not had any success in forwarding the following ports:

Fowrard UDP Port 1194 to 10.20.36.222

Forward TCP Port 4444 to  10.20.36.222

Router IP is 10.20.36.249

I'm using the CLI (but do have the SDM installed also)

The forwards don't see to 'stick' am I forgetting something else. Can someone post the correct syntax of the config command please..

See below a copy of running config.(some items removed for security reasons)

Warm regards

Current configuration : 5657 bytes

!

! Last configuration change at 09:33:42 EST Mon Oct 21 2013 by admin

! NVRAM config last updated at 09:47:43 EST Fri Oct 18 2013 by admin

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

!

boot-start-marker

boot system flash c1841-advsecurityk9-mz.124-21.bin

boot-end-marker

!

no logging buffered

enable secret 5 $1$I2Lg$NHGXwwc8c6b.0m9EWP37O1

!

no aaa new-model

clock timezone EST -5

ip cef

!

!

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

no ip dhcp use vrf connected

!

ip dhcp pool Guest

   network 192.168.123.0 255.255.255.0

   default-router 192.168.123.1

   dns-server 4.2.2.2 8.8.8.8

!

!

!

!

crypto pki trustpoint TP-self-signed-3275215788

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-3275215788

revocation-check none

rsakeypair TP-self-signed-3275215788

!

  hidekeys

!

!

ip rcmd rcp-enable

ip rcmd remote-host sdmR3d89e8a9 10.20.36.135 L3d89e8a9 enable

!

!

!

!

interface FastEthernet0/0

ip address 10.20.36.249 255.255.255.0

ip nat inside

ip virtual-reassembly

no ip route-cache cef

no ip route-cache

duplex auto

speed auto

no cdp enable

!

interface FastEthernet0/0.10

encapsulation dot1Q 10

ip address 192.168.123.1 255.255.255.0

ip nat inside

ip virtual-reassembly

no ip route-cache

!

interface FastEthernet0/1

description $ETH-LAN$

ip nat outside

ip virtual-reassembly

no ip route-cache cef

no ip route-cache

duplex auto

speed auto

!

interface Serial0/0/0

ip nat inside

ip virtual-reassembly

encapsulation ppp

!

router eigrp 1

passive-interface FastEthernet0/0

passive-interface FastEthernet0/1

network 10.0.0.0

network 172.16.0.0

no auto-summary

!

no ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 71.43.32.105

ip route 10.209.0.0 255.255.0.0 10.20.36.254

ip route 10.247.208.0 255.255.255.0 10.20.36.222

ip route 12.171.243.0 255.255.255.0 10.20.36.254

ip route 12.171.244.0 255.255.255.0 10.20.36.254

ip route 12.171.245.0 255.255.255.0 10.20.36.254

ip route 12.171.246.0 255.255.255.0 10.20.36.254

ip route 12.171.247.0 255.255.255.0 10.20.36.254

ip route 63.90.86.0 255.255.255.0 10.20.36.254

ip route 69.60.80.0 255.255.255.0 10.20.36.254

ip route 69.60.81.0 255.255.255.0 10.20.36.254

ip route 69.60.83.0 255.255.255.0 10.20.36.254

ip route 69.60.84.0 255.255.255.0 10.20.36.254

ip route 69.60.85.0 255.255.255.0 10.20.36.254

ip route 142.30.0.0 255.255.0.0 10.20.36.254

ip route 172.16.0.0 255.255.255.0 10.20.36.222

ip route 172.31.0.0 255.255.0.0 10.20.36.254

ip route 192.168.100.0 255.255.255.0 10.20.36.254

ip route 192.168.101.0 255.255.255.0 10.20.36.254

ip route 206.180.0.0 255.255.255.0 10.20.36.252

ip route 206.180.0.59 255.255.255.255 10.20.36.254

!

ip http server

ip http authentication local

ip http secure-server

ip nat inside source static tcp 10.20.36.249 23 interface FastEthernet0/1 23

ip nat inside source static tcp 10.20.36.249 22 interface FastEthernet0/1 22

ip nat inside source route-map NAT interface FastEthernet0/1 overload

!

ip access-list extended Nat

deny   ip 10.20.36.0 0.0.0.255 172.16.12.0 0.0.0.255

permit ip 10.20.36.0 0.0.0.255 any

permit ip 192.168.123.0 0.0.0.255 any

!

access-list 1 remark SDM_ACL Category=2

access-list 1 permit 10.20.37.0 0.0.0.255

access-list 102 permit ip 10.20.36.0 0.0.0.255 any

route-map NAT permit 10

match ip address Nat

!!

line con 0

login local

line aux 0

line vty 0 4

login local

transport input telnet ssh

transport output telnet ssh

!

scheduler allocate 20000 1000

ntp clock-period 17179022

ntp server 129.6.15.28

end

1 Reply 1

cadet alain
VIP Alumni
VIP Alumni

Hi,

Why did you disable CEF on the NAT interfaces ? can you reenable it.

What is not working exactly ?Can you change the port on the outside interface too.

Regards.

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
Review Cisco Networking for a $25 gift card