1. Home
  2. Cisco Systems
  3. port forwarding not working - here is my config!

port forwarding not working - here is my config!

ok friends, here is my cisco 831 config. ( thanks to the tftp freebie from the good folks at kiwi enterprises:

formatting link
)

What I want to do is forward the http traffic to my w2k web server on

10.10.10.161.

I am using verizon dsl service, dont have a static IP address. Currently my ip address is 141.153.133.251.

the last I checked, this is not working: http://141.153.133.251/demosite/page2.aspx any help is appreciated,

-Steve

----------------------------------------------------------

! version 12.2 no service pad service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname Router ! no logging buffered enable secret 5 xxxxxxxxxxxxx ! username ... username ... ip subnet-zero ip name-server 151.198.0.39 ip name-server 151.197.0.39 ip dhcp excluded-address 10.10.10.1 ip dhcp excluded-address 10.10.10.160 10.10.10.254 ip dhcp excluded-address 10.10.10.161 ! ip dhcp pool CLIENT import all network 10.10.10.0 255.255.255.0 default-router 10.10.10.1 lease 0 2 ! ip audit notify log ip audit po max-events 100 ! ! ! ! interface Ethernet0 ip address 10.10.10.1 255.255.255.0 ip nat inside ip tcp adjust-mss 1452 no cdp enable hold-queue 32 in hold-queue 100 out ! interface Ethernet1 no ip address pppoe enable pppoe-client dial-pool-number 1 no cdp enable ! interface Dialer1 ip address negotiated ip mtu 1492 ip nat outside encapsulation ppp ip tcp adjust-mss 1452 dialer pool 1 dialer-group 1 ppp authentication chap pap callin ppp chap hostname ... ppp chap password ... ppp pap sent-username ... ppp ipcp dns request ppp ipcp wins request ! ip nat inside source list 102 interface Dialer1 overload ip nat inside source static tcp 10.10.10.161 21 interface Dialer1 21 ip nat inside source static tcp 10.10.10.161 80 interface Dialer1 80 ip nat inside source static tcp 10.10.10.160 3008 interface Dialer1

3008 ip classless ip route 0.0.0.0 0.0.0.0 Dialer1 ip http server ! ! access-list 23 permit 10.10.10.0 0.0.0.255 access-list 102 permit ip 10.10.10.0 0.0.0.255 any dialer-list 1 protocol ip permit ! line con 0 exec-timeout 120 0 no modem enable stopbits 1 line aux 0 stopbits 1 line vty 0 4 access-class 23 in exec-timeout 120 0 login local length 0 ! scheduler max-task-time 5000 end
Reply to
Steve Richter
Loading thread data ...

Try this,

ip nat inside source static tcp 10.10.10.161 80 interface Ethernet1 80

It works for me in my 831.

I did change the IP address to yours, though. Other than that it is exactly the line in my 831.

Fred

Reply to
Fred Atkinson

done. still not working. do I have to reboot?

here is the latest config:

! version 12.2 no service pad service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname Router ! no logging buffered enable secret ... ! username ... username ... ip subnet-zero ip name-server 151.198.0.39 ip name-server 151.197.0.39 ip dhcp excluded-address 10.10.10.1 ip dhcp excluded-address 10.10.10.160 10.10.10.254 ip dhcp excluded-address 10.10.10.161 ! ip dhcp pool CLIENT import all network 10.10.10.0 255.255.255.0 default-router 10.10.10.1 lease 0 2 ! ip audit notify log ip audit po max-events 100 ! ! ! ! interface Ethernet0 ip address 10.10.10.1 255.255.255.0 ip nat inside ip tcp adjust-mss 1452 no cdp enable hold-queue 32 in hold-queue 100 out ! interface Ethernet1 no ip address pppoe enable pppoe-client dial-pool-number 1 no cdp enable ! interface Dialer1 ip address negotiated ip mtu 1492 ip nat outside encapsulation ppp ip tcp adjust-mss 1452 dialer pool 1 dialer-group 1 ppp authentication chap pap callin ppp chap hostname ... ppp chap password ... ppp pap sent-username ... ppp ipcp dns request ppp ipcp wins request ! ip nat inside source list 102 interface Dialer1 overload ip nat inside source static tcp 10.10.10.161 21 interface Dialer1 21 ip nat inside source static tcp 10.10.10.161 80 interface Ethernet1 80 ip nat inside source static tcp 10.10.10.160 3008 interface Dialer1

3008 ip classless ip route 0.0.0.0 0.0.0.0 Dialer1 ip http server ! ! access-list 23 permit 10.10.10.0 0.0.0.255 access-list 102 permit ip 10.10.10.0 0.0.0.255 any dialer-list 1 protocol ip permit ! line con 0 exec-timeout 120 0 no modem enable stopbits 1 line aux 0 stopbits 1 line vty 0 4 access-class 23 in exec-timeout 120 0 login local length 0 ! scheduler max-task-time 5000 end
Reply to
Steve Richter

No. It should work.

Is there anything in an ACL applied to E1 or E0 that might prevent this from working?

Fred

Reply to
Fred Atkinson

I just noticed that there is no IP address associated with you Ethernet 1 port. You might want to check that. But how are you accessing the Internet without it?

Fred

Reply to
Fred Atkinson

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.