12-02-2008 05:51 AM
i want to let ip a.a.a.a from the internet do remote desktoppinmg via port b on computer c.c.c.c on the inside.
how do i do that
acces rule ?
nat rule ?
port association aplication ?
12-02-2008 06:23 AM
First create a NAT-
ip nat inside source static tcp c.c.c.c 3389 interface Ethernet1 3389
Ethernet1 in this case is the outside interface. Yours maybe different (eg dialer0)
Next create an ACL to allow access to the NAT-
ip access-list extended outside_in
permit tcp host a.a.a.a host {ethernet1 IP] eq 3389
Finally we apply it to the outside interface-
interface Ethernet1
ip access-group outside_in in
Hope that helps.
12-04-2008 12:51 PM
i dont know but i dont have internet acces after applyin these rules ?
12-04-2008 01:02 PM
Are you running CBAC on the router? Do you already have an ACL on the outside interface?
12-12-2008 02:03 PM
no cbac no acl
i want to let wan ip a.a.a.a port b from the internet do remote desktoppinmg via port b on computer c.c.c.c on the inside because i want to rdt all my computer on the internal network . so each interanl host has an unique rdt tpc port
on a simple router from alcatel or siemens all this qiute simple
12-12-2008 02:16 PM
Can you post a config?
12-13-2008 05:39 AM
12-13-2008 06:59 AM
frased otherwise
i want port aaaa from the wan directed to host bbbb.
12-14-2008 07:27 AM
i understand the command is to log in from wan
to host cccc with port bbbb
ip nat inside source static tcp cccc bbbb interface FastEthernet4 bbbb
but the logic of cisco fails me.
in sdm i have to fill in translating from adres the host on the inside , but i make the call from outside wan.
the command sentence also speaks of source adres but my logic says the source adres is that of the host that trys to make connection with the inside adres.
what do i miss ?
12-14-2008 12:06 PM
next problem
i have an public ip adres aaaa , then an adslmodem with inside adres ccc138 the fa4 of the cisco is connected to it with ip cccc01.
can i make acces rules with public ip adresses on the outside lan ccc0 of my cisco router because he sees only the gateway ccc138.
should i pass the public ip adres to my cisco router through the adslmodem to make acces lists on basis of public ip adresses of hosts i want to allow ?
12-15-2008 06:06 AM
A couple of things I noticed right away-
Your default gateway points to your interface, it should point to another IP or out the VLAN 1 interface.
Next you'll need the NAT statement to allow the translation from outside to inside.
ip nat inside source static tcp 10.10.10.5 80 interface vlan1 80
Next create the access list to allow the traffic.
access-list 100 permit tcp any any eq
80
Finally apply the access list to the outside interface (VLAN 1 in your case)
interface vlan 1
ip access-group 100 in
I'm afraid I don't use ASDM so I can't be much help there.
12-16-2008 04:04 AM
wat rule are you referring to with : my default gateway points to your ionterface it should point to another ip or out ?
12-16-2008 06:09 AM
ip route 0.0.0.0 0.0.0.0 10.10.10.138
10.10.10.138 is also the IP address of VLAN1
It should be something like this-
ip route 0.0.0.0 0.0.0.0 10.10.10.1
or
ip route 0.0.0.0 0.0.0.0 vlan 1
12-16-2008 08:22 AM
but vlan1 is my internal network
and if i chance it like you mention then i lose internat connection from vlan1
10.10.10.138 is the ip adres of my adsl modem
10.10.10.1 is the ip adres of my cisco external interface
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide