09-27-2013 04:37 PM
Please, I need help opening port 5060 (TCP and UDP) and the port range 9000 to 9015 from outside to the inside server 192.168.11.4, which is behind NAT/PAT. I have tried many solutions, but none of them worked for me.
Thanks
My Configuration :
! Global services, logging and privileged-mode (enable) secrets for router "Centria".
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime
! service password-encryption stores passwords as type 7, which is reversible
! obfuscation rather than a hash; it only hides them from casual viewing.
service password-encryption
!
hostname Centria
!
boot-start-marker
boot-end-marker
!
! Local log buffer of 51200 bytes at severity "warnings" and above; no remote
! syslog host appears in this listing.
logging buffered 51200 warnings
! NOTE(review): the enable secrets below are type 5 (salted MD5) hashes and were
! posted publicly, so they are open to offline guessing; change them on the device.
enable secret level 2 5 $1$Y4PF$K6TQ5wf0gcHiO5IxvLZba0
enable secret level 5 5 $1$WZeO$BzTCl0C0e1078CWxExJK0/
enable secret 5 $1$tBTd$QoiQ5U1IqCTpNw.lRJ3pU.
!
! AAA: every method list below (console/VTY login, exec authorization, VPN xauth
! and VPN group authorization) relies on the local user database only.
aaa new-model
!
!
aaa authentication login default local
aaa authentication login sdm_vpn_xauth_ml_1 local
aaa authentication login sdm_vpn_xauth_ml_2 local
aaa authorization exec default local
aaa authorization network sdm_vpn_group_ml_1 local
!
!
aaa session-id common
clock timezone KSA 3
!
! Self-signed trustpoint with revocation checking turned off; presumably it backs
! the HTTPS management server enabled later in this config - confirm.
crypto pki trustpoint TP-self-signed-3807521769
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3807521769
revocation-check none
rsakeypair TP-self-signed-3807521769
!
!
! The certificate body is not included in this listing.
crypto pki certificate chain TP-self-signed-3807521769
dot11 syslog
!
! Wireless SSID profile mapped to VLAN 1, using WPA with a pre-shared key.
dot11 ssid Centria-AamalNet
vlan 1
authentication open
authentication key-management wpa
! guest-mode makes the radio advertise this SSID in its beacons.
guest-mode
! NOTE(review): the PSK is stored as type 7 (reversible) and is visible in this
! post; treat it as disclosed and replace it on the device.
wpa-psk ascii 7 06261C2B584D29485437
!
! DHCP service for the wired LAN (192.168.11.0/24) and the wireless network
! (10.10.11.0/24), plus the router's own resolver settings.
ip cef
no ip dhcp use vrf connected
! Keep the two gateway addresses out of the DHCP pools.
ip dhcp excluded-address 10.10.11.1
ip dhcp excluded-address 192.168.11.1
!
ip dhcp pool lan
import all
network 192.168.11.0 255.255.255.0
default-router 192.168.11.1
dns-server 212.93.192.4 212.93.192.5
! Lease time is 0 days, 2 hours.
lease 0 2
!
! NOTE(review): no interface in this listing carries 10.10.11.1, the gateway
! handed out by this pool - confirm where the wireless subnet is routed.
ip dhcp pool wireless
import all
network 10.10.11.0 255.255.255.0
default-router 10.10.11.1
dns-server 212.93.192.4 212.93.192.5
lease 0 2
!
!
! NOTE(review): the domain name is set to an IP address literal, which looks
! unintended; a DNS suffix is expected here.
ip domain name 212.93.192.4
ip name-server 212.93.192.4
ip name-server 212.93.192.5
!
!
!
! Local accounts used by the AAA method lists. Two of them hold privilege 15.
! NOTE(review): the first three use "password 7" (reversible encoding) and only
! the last uses a hashed "secret". All four strings are published in this post,
! so the credentials should be rotated and re-entered with "secret".
username aamalnet privilege 2 password 7 0005120B055705031B
username aamalnoc privilege 5 password 7 011207095A07085F22
username aamalsup privilege 15 password 7 06421A311F5C3C5D5605
username cisco privilege 15 secret 5 $1$YkjU$Zt5xF6iIyhugtYm6h8Vh9.
!
!
! Remote-access IPsec VPN (SDM-generated names): IKE policy, client group,
! ISAKMP profile, transform set and the IPsec profile tied to Virtual-Template1.
! NOTE(review): 3DES with Diffie-Hellman group 2 is a legacy suite; move to AES
! and a stronger DH group if the VPN clients support it.
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
!
crypto isakmp client configuration group aamalnet
! NOTE(review): the group pre-shared key equals the group name and appears here
! in clear text; replace it with a long random value.
key aamalnet
dns 212.93.192.4 212.93.192.5
! include-local-lan lets clients keep reaching their own local LAN while connected.
include-local-lan
dhcp server 10.10.20.1
max-users 10
netmask 255.255.255.0
crypto isakmp profile sdm-ike-profile-1
match identity group aamalnet
client authentication list sdm_vpn_xauth_ml_2
isakmp authorization list sdm_vpn_group_ml_1
client configuration address respond
virtual-template 1
!
!
! ESP with 3DES encryption and SHA-1 HMAC integrity.
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
!
crypto ipsec profile SDM_Profile1
! Idle security associations are torn down after 60 seconds.
set security-association idle-time 60
set transform-set ESP-3DES-SHA
set isakmp-profile sdm-ike-profile-1
!
!
! Configuration-change logging; hidekeys keeps passwords and keys out of that log.
archive
log config
hidekeys
!
!
!
! Integrated routing and bridging, needed for the BVI1 interface further down.
bridge irb
!
!
! Point-to-point tunnels to remote sites, each on its own /30.
! NOTE(review): no "tunnel mode" or "tunnel protection" line is shown, so these
! would run as the IOS default (GRE over IP) without encryption - confirm whether
! traffic to the remote LANs is meant to cross the provider network in clear.
! NOTE(review): the public addresses are masked on some tunnels but shown in full
! on Tunnel1 and Tunnel3, so the masking does not actually hide them.
! NOTE(review): 172.168.x.x lies outside the private 172.16.0.0/12 block.
interface Tunnel1
description connected to 78.93.246.250
ip address 172.168.16.2 255.255.255.252
tunnel source 78.93.246.249
tunnel destination 78.93.246.250
!
interface Tunnel2
description CONNECTED TO 12882588@2MB
ip address 172.168.17.1 255.255.255.252
tunnel source 78.xxx.246.xxx
tunnel destination 78.xxx.222.xxx
!
interface Tunnel3
description CONNECTED TO xxxxxxxxx@2MB
ip address 172.168.18.1 255.255.255.252
tunnel source 78.93.246.249
tunnel destination 78.93.222.149
!
interface Tunnel4
description CONNECTED TO xxxxxxx@2MB
ip address 172.168.19.1 255.255.255.252
tunnel source 78.xxx.246.xxx
tunnel destination 78.93.211.236
!
interface Tunnel6
description CONNECTED TO xxxxxxx@2mb
ip address 172.16.22.1 255.255.255.252
tunnel source 78.xxx.246.xxx
tunnel destination 78.xxx.204.xxx
!
interface Tunnel7
description CONNECTED TO xxxxxxxx@2mb
ip address 172.16.33.1 255.255.255.252
tunnel source 78.xxx.246.xxx
tunnel destination 78.xxx.204.xxx
!
! Physical WAN, switch ports, VPN virtual template and the wireless radio.
! NOTE(review): ATM0 is administratively shut down here although ATM0.1 carries
! the PPPoE client for dialer pool 1 - confirm which link provides the WAN.
interface ATM0
no ip address
shutdown
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
pvc 0/35
pppoe-client dial-pool-number 1
!
!
! The four switch ports carry no explicit settings in this listing.
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
! Template cloned for each remote-access VPN client; borrows Dialer0's address
! and is protected by the IPsec profile SDM_Profile1.
interface Virtual-Template1 type tunnel
ip unnumbered Dialer0
tunnel mode ipsec ipv4
tunnel protection ipsec profile SDM_Profile1
!
! The radio is shut down in this listing.
interface Dot11Radio0
no ip address
shutdown
!
! NOTE(review): TKIP is a deprecated cipher; prefer AES-CCMP (WPA2) if the radio
! is ever enabled and the hardware supports it.
encryption vlan 1 mode ciphers tkip
!
encryption mode ciphers tkip
!
ssid Centria-AamalNet
!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
!
! Radio subinterface for VLAN 1, joined to bridge-group 1.
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no cdp enable
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
!
! Layer-3 edge: Vlan1 and BVI1 are the NAT inside, Dialer0 is the NAT outside.
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
no ip address
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
bridge-group 1
!
! PPPoE WAN interface; its address is negotiated, so the public address is not
! visible in this listing. No inbound "ip access-group" is applied here, so every
! static NAT entry is reachable from any Internet source.
interface Dialer0
ip address negotiated
ip mtu 1452
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap callin
ppp chap hostname xxxxxxxx@8mb.aamal.net.sa
! NOTE(review): the CHAP password is type 7 (reversible) and is published in
! this post; ask the provider to reset it.
ppp chap password 7 051D243D251B662E4F5342
!
! Routed interface for bridge-group 1: LAN gateway 192.168.11.1 plus a public /30
! as a secondary address.
interface BVI1
ip address 78.xxx.190.xxx 255.255.255.252 secondary
ip address 192.168.11.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
! Static routing: default route out Dialer0, remote LANs via the site tunnels.
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 192.168.12.0 255.255.255.0 Tunnel1
ip route 192.168.13.0 255.255.255.0 Tunnel2
ip route 192.168.14.0 255.255.255.0 Tunnel3
ip route 192.168.15.0 255.255.255.0 Tunnel4
ip route 192.168.16.0 255.255.255.0 Tunnel6
ip route 192.168.17.0 255.255.255.0 Tunnel7
!
! Web management, limited to the sources in access-list 23 with local login.
! NOTE(review): "ip http server" keeps plain-HTTP management enabled next to
! HTTPS; "no ip http server" would leave only the encrypted listener.
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
! PAT for inside hosts matched by access-list 1, using Dialer0's address.
ip nat inside source list 1 interface Dialer0 overload
! NOTE(review): this publishes RDP (TCP 3389) on 192.168.11.4 to the Internet
! with no source restriction shown; limit it by ACL or reach it through the VPN.
ip nat inside source static tcp 192.168.11.4 3389 interface Dialer0 3389
! SIP forwarding for the server in the question. NOTE(review): unlike the RDP
! entry, these two use the fixed global address 78.93.246.249 rather than
! "interface Dialer0"; if that is not the address Dialer0 negotiates, inbound
! packets will not match - verify with "show ip interface brief". No entries for
! ports 9000-9015 exist in this listing.
ip nat inside source static tcp 192.168.11.4 5060 78.93.246.249 5060 extendable
ip nat inside source static udp 192.168.11.4 5060 78.93.246.249 5060 extendable
!
! access-list 1 selects the inside sources that are translated by the PAT rule.
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.11.0 0.0.0.255
access-list 1 permit 10.10.11.0 0.0.0.255
! NOTE(review): "permit any" makes the two specific entries above redundant and
! lets any source arriving on an inside interface be translated.
access-list 1 permit any
! access-list 23 is referenced by "ip http access-class 23" (web management).
! No "line vty" section is shown, so its use for Telnet/SSH cannot be confirmed.
access-list 23 permit 212.xx.196.0 0.0.0.255
access-list 23 permit 212.xx.192.0 0.0.0.255
access-list 23 permit 212.xx.193.0 0.0.0.255
access-list 23 permit 10.10.10.0 0.0.0.255
dialer-list 1 protocol ip permit
! NOTE(review): "private" (read-write) and "public" (read-only) are the
! well-known default community strings and no ACL is attached to either. Use
! unique strings bound to a management ACL, or remove SNMP if it is unused.
snmp-server community private RW
snmp-server community public RO
no cdp run
!