!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname Almerqab
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200
logging console critical
enable secret 5 $1$6ZWp$Nf6CT5HMAoOAmUzQB8oaw1
!
aaa new-model
!
!
aaa authentication login default local
aaa authorization exec default local
!
!
aaa session-id common
clock timezone PCTime 3
!
crypto pki trustpoint TP-self-signed-2079965419
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2079965419
revocation-check none
rsakeypair TP-self-signed-2079965419
!
!
crypto pki certificate chain TP-self-signed-2079965419
certificate self-signed 01
  3082024F 308201B8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 32303739 39363534 3139301E 170D3032 30333031 30303337
  31385A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 30373939
  36353431 3930819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100EEAA E6F8FCE3 569A614E 3964E7BF D02C718D 9FF743EC 0ED21467 4357E786
  7E18429A FC032F19 623CA055 949830C1 6C9C5394 9FE8E260 F256CF2B 7C4DEB65
  82AA349D F70573D1 D88E6524 A322B6CC 8FEDBB4C 95B6714C 36C81398 7723A5EE
  CE0396D3 A80B6E77 51D1FEB1 77EB7D68 64D015F5 EFEDF0DB D9D000C9 F553DF66
  14B90203 010001A3 77307530 0F060355 1D130101 FF040530 030101FF 30220603
  551D1104 1B301982 17416C6D 65727161 622E796F 7572646F 6D61696E 2E636F6D
  301F0603 551D2304 18301680 14E14EE1 DB9E4B6E 33ACED00 C38064E2 163477A5
  CD301D06 03551D0E 04160414 E14EE1DB 9E4B6E33 ACED00C3 8064E216 3477A5CD
  300D0609 2A864886 F70D0101 04050003 81810020 94264768 76EA2C32 E7F0F049
  12377BD2 7EAEC547 388D01D6 D48176FA 1FFC5E1F E2054F4F BC964C68 A4FAA7EC
  FBD7A581 1A9C681F C2506D89 ED88B1BB BEE9CB4D 47AA6583 D9921A14 6CC1664E
  4DC43D5D F88B6EF6 B9F0E88B 6C4CB125 841484F8 CD89F1DF BD863A8E 7DBE5ABB
  178C1EBA 2B9448AB A0A7E393 D10F8C3A FC7642
      quit
no ip source-route
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.2.1 192.168.2.109
ip dhcp excluded-address 192.168.2.191 192.168.2.254
!
ip dhcp pool sdm-pool1
   import all
   network 192.168.2.0 255.255.255.0
   dns-server 212.77.192.59 212.77.192.60
   default-router 192.168.2.1
!
!
no ip bootp server
ip domain name yourdomain.com
ip name-server 212.77.192.59
ip name-server 212.77.192.60
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
ip ddns update method myddns
HTTP
  add http://alemadi01:01alemadi007@members.dyndns.org/nic/update?system=dyndns&hostname=01alemadi007@members.dyndns.org/nic/update?system=dyndns&hostname=&myip=
interval maximum 28 0 0 0
!
!
multilink bundle-name authenticated
!
!
username ciscouser privilege 15 secret 5 $1$/zVP$MyPl2ffwYBLFTvC4.AHzI1
username cisco privilege 15 password 7 121A0C04110454517D7F
username admin privilege 15 password 7 0207005602085E731F
!
crypto isakmp key remote1 hostname alemadi02.dyndns.org
crypto isakmp key remote1 hostname alemadi01.dyndns.org
crypto isakmp keepalive 30 periodic
!
!
!
!
!
crypto ipsec client ezvpn alemadi01
connect auto
group remote1 key remote1
mode network-extension
peer alemadi01.dyndns.org
virtual-interface 1
username remote1 password remote1
xauth userid mode local
!
!
archive
log config
  hidekeys
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
description $ES_WAN$$FW_OUTSIDE$
pvc 8/35
  pppoe-client dial-pool-number 1
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Virtual-Template1 type tunnel
no ip address
tunnel mode ipsec ipv4
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 192.168.2.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1412
crypto ipsec client ezvpn alemadi01 inside
!
interface Dialer0
ip ddns update hostname alemadi02.dyndns.org
ip ddns update myddns
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1452
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
ip tcp adjust-mss 1340
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname p4830880
ppp chap password 7 044A0A120E331D1C
ppp pap sent-username p4830880 password 7 0015121205495A54
crypto ipsec client ezvpn alemadi01
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0 2
!
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.2.0 0.0.0.255
dialer-list 1 protocol ip permit
no cdp run
!
!
!
!
control-plane
!
banner login

the DVR ip is 192.168.2.210 the public ip addres it's not fixed so i can tell you what is it now because i'm not close to the router so if you can tell me the commands and i'll configure the router by it (the router is accessible from the internet and i have tried that) by interface (dialer 0)

Here is the static PAT configuration with Dialer interface ip address:

ip nat inside source static tcp 192.168.2.210 9999 interface Dialer0 9999 overload

Hope that helps.

thank you very much hope its work

i gonna try it

it's still not working

that what i was doing plus to your command

ip nat pool POOL1 192.168.1.210 192.168.0.9 netmask 255.255.255.0 type rotary

ip nat inside destination list WOW pool POOL1

ip access-list extended WOW
permit tcp any any eq 9999

plz if you can help me

Please kindly remove the following line as they are not required:

ip nat pool POOL1 192.168.1.210 192.168.0.9 netmask 255.255.255.0 type rotary

ip nat inside destination list WOW pool POOL1

ip access-list extended WOW
permit tcp any any eq 9999

After removing the above and leaving the static pat configuration line that i advised earlier, please "clear ip nat trans *".

Then check what is your dialer interface ip address, and check if you can telnet on port 9999 on that dialer interface ip address from the Internet.

i just replace cisco router by linksys and everything is ok and i can watch the camera remotely

i don't know what can i do with this router jenny anything can i do plz if you can help me again plz

Good to hear it's working now. What was the fault on the DVR?

Thanks for the ratings.

It would be best if you post your question on the forum so everyone can help out.

I am not particularly familiar in VOIP. My area of expertise is Security.

hey jenny how are you ? i hope everything is ok

i wanna ask u something easy to you and i need your help in several things

i have two router cisco 877 and i want to make a VPN  between them

first of all could you with a few words explain to me what can i do in general

and i have another quest plz

i have a 2MB of internet speed, can i take like 512KB from the speed for the VPN so this router can support that if so could you tell me the command plz

best wishes