Probleem with port forwarding - Firewalls

This is a discussion on Probleem with port forwarding - Firewalls ; Hi guys, I need your help on port forwarding on CISCOrouter, I am new to configuring CISCO router, any way I did configuer my router, now I can internet and send and recieve mail, so this part is good. I ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: Probleem with port forwarding

  1. Probleem with port forwarding

    Hi guys,

    I need your help on port forwarding on CISCOrouter,
    I am new to configuring CISCO router, any way I did configuer my
    router, now I can internet and send and recieve mail, so this part is
    good.
    I did try to open these ports on the router; 25 ,22,443,4002
    and I did forward these ports to one of my servers. but when I try to
    telnet any of these port I get no anserw at all or when I try to
    access my server (SBS 2003) with remote desktop (port 4002)no
    connection is made.
    I send you a copy of the router configuration,maybe some of you can
    see some mistake in it.
    Please let me know where is the problem. ( I did change the IP's for
    security reson).


    myrouter#sh run
    Building configuration...


    Current configuration : 4694 bytes
    !
    version 12.4
    no parser cache
    service nagle
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    service password-encryption
    !
    hostname mydomain
    !
    boot-start-marker
    boot-end-marker
    !
    enable secret 5 $1$QRTEUHN$Sb83SiFXpstr562NA/1iQZ/
    950
    !
    aaa new-model
    !
    !
    aaa authentication login userauthen
    local
    aaa authorization network groupauthor
    local
    !
    aaa session-id common
    !
    resource policy
    !
    no ip source-route
    ip cef
    !
    !
    !
    !
    ip tcp mss 1400
    no ip domain lookup
    ip domain name mydomain.com
    ip inspect name myfw cuseeme timeout
    3600
    ip inspect name myfw http timeout
    3600
    ip inspect name myfw rcmd timeout
    3600
    ip inspect name myfw realaudio timeout
    3600
    ip inspect name myfw tftp timeout
    30
    ip inspect name myfw udp timeout 15
    ip inspect name myfw tcp timeout
    3600
    ip inspect name myfw h323 timeout
    3600
    !
    !
    !
    username johndo secret 5 $1$LJB.$ty/
    MZ6auSm3khkhAIMGeTsF/
    username test secret 5 $1$ub5k$b/
    nmlDv4eMdRpKertyueEDL1
    !
    !
    !
    crypto isakmp policy 3
    encr 3des
    authentication pre-share
    group 2
    !
    crypto isakmp policy 10
    authentication pre-share
    group 2
    crypto isakmp keepalive 10
    !
    crypto isakmp client configuration group
    groepje1
    key 427sieb1
    pool ippool
    !
    !
    crypto ipsec transform-set transset1 esp-3des esp-md5-
    hmac
    !
    crypto dynamic-map dynmap 10
    set transform-set transset1
    !
    !
    crypto map crypmap1 client authentication list
    userauthen
    crypto map crypmap1 isakmp authorization list
    groupauthor
    crypto map crypmap1 client configuration address
    respond
    crypto map crypmap1 20 ipsec-isakmp dynamic
    dynmap
    !
    !
    !
    !
    interface BRI0
    no ip address
    encapsulation hdlc
    shutdown
    !
    interface ATM0
    no ip address
    no ip route-cache cef
    no ip route-cache
    no ip mroute-cache
    no atm ilmi-keepalive
    pvc 0 8/48
    encapsulation aal5mux ppp dialer
    dialer pool-member 1
    !
    dsl operating-mode auto
    !
    interface FastEthernet0
    !
    interface FastEthernet1
    !
    interface FastEthernet2
    !
    interface FastEthernet3
    !
    interface Vlan1
    ip address 10.0.0.190
    255.255.255.0
    ip access-group 102 in
    ip nat insi
    ip inspect myfw in
    ip virtual-reassembly
    no ip route-cache cef
    no ip route-cache
    no ip mroute-cache
    hold-queue 100 out
    !
    interface Dialer1
    ip address negotiated
    ip access-group 113 in
    ip nat outside
    ip virtual-reassembly
    encapsulation ppp
    dialer pool 1
    dialer-group 1
    ppp authentication pap callin
    ppp pap sent-username j...@xs4all.net password 7
    66141601034200555953
    crypto map crypmap1
    !
    ip local pool ippool 192.168.10.100
    192.168.10.110
    ip route 0.0.0.0 0.0.0.0 Dialer1
    permanent
    !
    !
    no ip http server
    no ip http secure-server
    ip nat inside source static tcp 10.0.0.56 7 interface Dialer1
    7
    ip nat inside source static udp 10.0.0.56 7 interface Dialer1
    7
    ip nat inside source route-map nonat interface Dialer1
    overload
    ip nat inside source static tcp 10.0.0.190 22 interface Dialer1
    22
    ip nat inside source static tcp 10.0.0.180 25 interface Dialer1
    25
    ip nat inside source static tcp 10.0.0.180 443 interface Dialer1
    443
    ip nat inside source static tcp 10.0.0.180 110 interface Dialer1
    110
    ip nat inside source static tcp 10.0.0.180 4002 interface Dialer1
    4002
    !
    access-list 23 permit 82.66.199.22
    access-list 23 permit 212.222.20.0
    0.0.0.255
    access-list 23 permit 10.0.0.0
    0.0.0.255
    access-list 102 permit ip 10.0.0.0 0.0.0.255
    any
    access-list 102 permit ip 192.168.10.0 0.0.0.255
    any
    access-list 102 permit esp any any
    access-list 105 deny ip 10.0.0.0 0.0.0.255 192.168.10.0
    0.0.0.255
    access-list 105 permit ip 10.0.0.0 0.0.0.255
    any
    access-list 112 permit tcp any any eq
    smtp
    access-list 112 permit tcp any any eq 443
    access-list 112 permit tcp any any eq pop3
    access-list 112 permit tcp any any eq
    4002
    access-list 112 permit ip host 82.62.160.105
    any
    access-list 112 deny ip any any
    access-list 113 permit ip 192.168.10.0 0.0.0.255
    any
    access-list 113 permit esp any any
    access-list 113 permit udp any any eq
    isakmp
    access-list 113 permit tcp host 82.66.199.22 any eq 22
    access-list 113 permit tcp 213.222.20.224 0.0.0.7 any eq 22
    access-list 113 permit tcp host 193.172.44.45 eq tftp-data any
    access-list 113 permit tcp host 194.151.107.40 eq tftp-data any
    access-list 113 permit tcp host 194.151.107.44 eq tftp-data any
    access-list 113 permit icmp any any
    access-list 113 permit tcp any any eq echo
    access-list 113 permit udp any any eq echo
    access-list 113 deny ip any any
    access-list 115 permit ip any any
    access-list 115 permit esp any any
    dialer-list 1 protocol ip permit
    !
    !
    !
    route-map nonat permit 10
    match ip address 105
    !
    !
    control-plane
    !
    !
    line con 0
    --More--


  2. Re: Probleem with port forwarding

    On Wed, 31 Jan 2007 03:40:07 -0800, shahin wrote:

    > Hi guys,
    >
    > I need your help on port forwarding on CISCOrouter,
    > I am new to configuring CISCO router, any way I did configuer my
    > router, now I can internet and send and recieve mail, so this part is
    > good.
    > I did try to open these ports on the router; 25 ,22,443,4002
    > and I did forward these ports to one of my servers. but when I try to
    > telnet any of these port I get no anserw at all or when I try to
    > access my server (SBS 2003) with remote desktop (port 4002)no
    > connection is made.
    > I send you a copy of the router configuration,maybe some of you can
    > see some mistake in it.
    > Please let me know where is the problem. ( I did change the IP's for
    > security reson).


    RWW is 4125
    Remote desktop is 3389
    SMTP is 25
    SSL is 443
    FTP is 21 and 20, but it can also use ports > 1024 in some
    instances.

    --
    Leythos
    spam999free@rrohio.com (remove 999 for proper email address)

  3. Re: Probleem with port forwarding

    On 31 jan, 12:51, Leythos wrote:
    > On Wed, 31 Jan 2007 03:40:07 -0800, shahin wrote:
    > > Hi guys,

    >
    > > I need your help on port forwarding on CISCOrouter,
    > > I am new to configuring CISCO router, any way I did configuer my
    > > router, now I can internet and send and recieve mail, so this part is
    > > good.
    > > I did try to open these ports on the router; 25 ,22,443,4002
    > > and I did forward these ports to one of my servers. but when I try to
    > > telnet any of these port I get no anserw at all or when I try to
    > > access my server (SBS 2003) with remote desktop (port 4002)no
    > > connection is made.
    > > I send you a copy of the router configuration,maybe some of you can
    > > see some mistake in it.
    > > Please let me know where is the problem. ( I did change the IP's for
    > > security reson).

    >
    > RWW is 4125
    > Remote desktop is 3389
    > SMTP is 25
    > SSL is 443
    > FTP is 21 and 20, but it can also use ports > 1024 in some
    > instances.
    >
    > --
    > Leythos
    > spam999f...@rrohio.com (remove 999 for proper email address)- Tekst uit oorspronkelijk bericht niet weergeven -
    >
    > - Tekst uit oorspronkelijk bericht weergeven -


    Hi Leythos,

    thanks for update,
    but you didn't anserw my question, is the configuration ok? becuse I
    can not telnet these ports.


+ Reply to Thread