Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Can't access ftp server from inside.

Status
Not open for further replies.
Cisco827

Cisco827

Technical User
Dec 10, 2002
4
DK
Hi all.
pleas help me, I have a ftp server on a Cisco 827, I can't access this from the inside, user from outside can access, what is missing in the NAT config, so that I can access from inside.
here is a dump of my config.



Current configuration:
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Cisco_827
!
enable secret 5 XXXXXXXXXXXXXXXXXXXX
enable password XXXXXXXXX
!
!
!
!
!
ip subnet-zero
ip dhcp excluded-address 192.168.0.1
!
ip dhcp pool CLIENT
network 192.168.0.0 255.255.255.0
default-router 192.168.0.1
dns-server 212.242.40.3 212.242.40.51
!
!
!
bridge irb
!
!
!
interface Ethernet0
ip address 192.168.0.1 255.255.255.0
ip nat inside
no ip mroute-cache
!
interface ATM0
no ip address
no ip mroute-cache
no atm ilmi-keepalive
pvc 0/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
bundle-enable
dsl operating-mode auto
bridge-group 1
hold-queue 208 in
!
interface Dialer0
ip address negotiated
ip nat outside
encapsulation ppp
dialer pool 1
ppp authentication chap callin
ppp chap hostname XXXXXXXXX
ppp chap password 7 XXXXXXXXXXXXXXXXXXXXXX
!
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 192.168.0.2 21 XXX.XXX.XXX.XXX 21 extendable
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
no ip http server
!
access-list 1 permit 192.168.0.0 0.0.0.255
bridge 1 protocol ieee
bridge 1 route ip
!
line con 0
exec-timeout 0 0
transport input none
stopbits 1
line vty 0 4
exec-timeout 0 0
password XXXXXXXXX
login
!
scheduler max-task-time 5000
end

 
Sort by date Sort by votes
I had a similar problem with a 806 router Fixed it with:

ip nat inside source static 192.X.X.X interface Dialer0

now I just have to see what security issues this will bring up because NAT is running wide open, I'm using plenty of ACL's!

Also try: ip nat inside source static tcp 192.X.X.X 80 interface Dialer0 20 extended

My IOS version wouldn't use the 'extended' argument, so I'm curoius if it will work on yours.

The 800 series router don't seem to respond correctly to the commands in the Cisoc documentation when using PPP. Maybe somebody else can explain that one!

Stephen
Tis better to die on your feet than live on your knees!!!!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

DTGMI
  • Locked
  • Question
Moving from Juniper SRX-240 to Cisco ??
Replies
0
Views
295
DTGMI
DTGMI
NavinNet
  • Locked
  • Question
Why 2 different mac addresses of a server are being shown of CISCO 6509E Layer-3 Switch ?
Replies
0
Views
218
NavinNet
NavinNet
Baze72
  • Locked
  • Question
Cisco 2800 Series can't login
Replies
7
Views
427
burtsbees
burtsbees
CDIV
  • Locked
  • Question
Use uplink port as access port 2960 1
Replies
9
Views
942
CDIV
CDIV
CDIV
  • Locked
  • Question
How do I enable SSH access in 2960x 1
Replies
4
Views
1K
iggsterman
iggsterman

Part and Inventory Search

Sponsor

Back
Top