I have a Cisco 3725 that is being used along with several 2950 switches. One of the fast Ethernet ports on the 3725 is setup for subinterfaces. Each subinterface is configured for dot1q encapsulation for each respective VLAN, and a IP address from that pool is configured accordingly. I have omitted the ACL's and obscured the public static addresses in part of the 3725's configuration below.
My problem is, how do I configure the 3725 to give me remote access to each of the four 2950 switches. I would like to be able to telnet to the public IP of the 3725, and reach the Cisco 2950's via another port number. Any suggestions on how I can configure it that way?
ip dhcp excluded-address 10.1.0.1 10.1.0.3 ip dhcp excluded-address 10.2.0.1 10.2.0.3 ip dhcp excluded-address 10.3.0.1 10.3.0.3 ip dhcp excluded-address 10.4.0.1 10.4.0.3 ! ip dhcp pool vlan-101 network 10.1.0.0 255.255.0.0 dns-server X.X.X.X X.X.X.X default-router 10.1.0.1 255.255.0.0 lease 3 ! ip dhcp pool vlan-102 network 10.2.0.0 255.255.0.0 dns-server X.X.X.X X.X.X.X default-router 10.2.0.1 255.255.0.0 lease 4 ! ip dhcp pool vlan-103 network 10.3.0.0 255.255.0.0 dns-server X.X.X.X X.X.X.X default-router 10.3.0.1 255.255.0.0 lease 5 ! ip dhcp pool vlan-104 network 10.4.0.0 255.255.0.0 dns-server X.X.X.X X.X.X.X default-router 10.4.0.1 255.255.0.0 lease 4 ! interface FastEthernet0/0 ip address X.X.X.X 255.255.255.248 ip access-group p2p in ip access-group p2p out ip nat outside no ip mroute-cache speed 100 full-duplex no cdp enable ! interface FastEthernet0/1 no ip address ip access-group viral-stop in ip access-group viral-stop out no ip mroute-cache duplex auto speed auto no cdp enable ! interface FastEthernet0/1.1 encapsulation dot1Q 101 ip address 10.1.0.1 255.255.0.0 ip nat inside no snmp trap link-status no cdp enable ! interface FastEthernet0/1.2 encapsulation dot1Q 102 ip address 10.2.0.1 255.255.0.0 ip nat inside no snmp trap link-status no cdp enable ! interface FastEthernet0/1.3 encapsulation dot1Q 103 ip address 10.3.0.1 255.255.0.0 ip nat inside no snmp trap link-status no cdp enable ! interface FastEthernet0/1.4 encapsulation dot1Q 104 ip address 10.4.0.1 255.255.0.0 ip nat inside no snmp trap link-status no cdp enable ! interface GigabitEthernet1/0 no ip address no ip mroute-cache negotiation auto no cdp enable ! interface GigabitEthernet1/0.1 encapsulation dot1Q 498 no ip mroute-cache no snmp trap link-status no cdp enable ! interface Vlan1 no ip address no ip mroute-cache shutdown ! interface Vlan101 no ip address ! ip default-gateway X.X.X.X ip nat pool Station X.X.X.X X.X.X.X netmask 255.255.255.248 ip nat inside source list 5 pool Station overload no ip http server ip classless ip route 0.0.0.0 0.0.0.0 X.X.X.X