Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Weird Config 1

Status
Not open for further replies.
ntwrkrbkj

ntwrkrbkj

IS-IT--Management
Jun 2, 2003
58
Ok, I have my internet temporarily routed through a Linksys BEFVP41 router. The current setup is like this:

Internet -> BEFVP41 -> Cisco 3661

I have it like this while I am waiting for a new DSL connection to hook my PIX back up. Then, it will look like this:

Internet -> PIX -> Cisco 3661

In the meantime, however, I need to forward a couple ports and do some static mappings. As an example, one I tried to do was port 3389. The interface on the BEFVP41 is 192.168.1.1, and 192.168.1.2 is on the 3661. The 3661's internal interface is 10.1.1.1. Basically, trying to map NAT to NAT.

I created a forward on the BEFVP41 for port 3389 to 192.168.1.3. On the 3661, I created a NAT statement mapping 192.168.1.3 to 10.1.1.101 (the IP of the computer I want RDP to).

I can't get it to work, and it may be because I am stupid and you can't do it like that :), or maybe one of you can help make magic happen.

A+, i-Net+, MCSA, MCSE, CCNA
 
Sort by date Sort by votes
If 192.168.1.3 is not really configured, your Cisco 3661 will not know how to handle packets with this destination address. In other words port forward to fictious IP addresses does not work. How about creating a forward to 192.168.1.2 instead of 192.168.1.3? What masks are you using with 192.168.1.1 and 192.168.1.2?

Peter Mesjar
CCNP, A+ certified
pmesjar@centrum.sk

"The only true wisdom is in knowing you know nothing.
 
Upvote 0 Downvote
/24 mask

Well, the forward to .2 would be to the router's interface. But, if I were to define what port the map is actually to instead of just a general IP number, ie.

ip nat inside static 10.1.1.101 3389 192.168.1.2

Would that allow me to map another port to another node using the same 192.x.x.2 addy?

I see what you are saying about the .3 number, that was actually pretty stupid on my part, no device on the network would even have an ARP entry for that.

A+, i-Net+, MCSA, MCSE, CCNA
 
Upvote 0 Downvote
Would that allow me to map another port to another node using the same 192.x.x.2 addy?"

Yes it will, however your config is wrong. Port forwarding command syntax is:

ip nat inside source static tcp|udp INSIDE-IP INSIDE-PORT OUTSIDE-IP OUTSIDE-PORT

For you:

ip nat inside static tcp 10.1.1.101 3389 192.168.1.2 3389

Peter Mesjar
CCNP, A+ certified
pmesjar@centrum.sk

"The only true wisdom is in knowing you know nothing.
 
Upvote 0 Downvote
sorry not:

ip nat inside static tcp 10.1.1.101 3389 192.168.1.2 3389

but:

ip nat inside source static tcp 10.1.1.101 3389 192.168.1.2 3389

Peter Mesjar
CCNP, A+ certified
pmesjar@centrum.sk

"The only true wisdom is in knowing you know nothing.
 
Upvote 0 Downvote
Thanks, Peter, I will give it a try.

A+, i-Net+, MCSA, MCSE, CCNA
 
Upvote 0 Downvote
It worked liked a champ, thanks a ton, Peter.

A+, i-Net+, MCSA, MCSE, CCNA
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

WinstonCH
  • Locked
  • Helpful tip
What is wrong with the diagram, there are people who will help to fix it? How do i do the configurat 1
Replies
1
Views
682
BIS
BIS
Drug_Store
  • Locked
  • Question
Cisco 3560g 48ports PoE - config
Replies
1
Views
190
Drug_Store
Drug_Store
Tariq Habaybeh
  • Locked
  • Question
Cisco 881WD-E-K9 router configuration
Replies
1
Views
264
burtsbees
burtsbees
Solarlight1
  • Locked
  • Question
Cisco Config Help/IPSEC VPN
Replies
4
Views
289
ADB100
ADB100
keat63
  • Locked
  • Question
need config for 3550
Replies
9
Views
279
VinceWhirlwind
VinceWhirlwind

Part and Inventory Search

Sponsor

Back
Top