Cisco 831 forward problem - access-list????

  • Cisco 831 forward problem - access-list????

    version 12.4
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    service password-encryption
    !
    hostname xxxxxxxxxxxxxxxxxxxx
    !
    boot-start-marker
    boot-end-marker
    !
    no logging buffered
    enable secret 5 XXXXXXXXXXXXXXXXXXXXXXX
    !
    no aaa new-model
    !
    resource policy
    !
    no ip dhcp use vrf connected
    no ip dhcp conflict logging


    ip dhcp excluded-address 192.168.1.1 192.168.1.99
    ip dhcp excluded-address 192.168.1.151 192.168.1.254
    !
    ip dhcp pool CLIENT
    network 192.168.1.0 255.255.255.0
    domain-name test.net
    dns-server (dns1) (dns2)
    default-router (gateway ip)
    !
    ip dhcp pool FISSO
    host 192.168.1.133 255.255.255.0
    client-identifier 0100.0d87.a3b2.0a
    client-name FISSO
    lease 0 1
    !
    ip dhcp pool ACER-DJ
    host 192.168.1.115 255.255.255.0
    client-identifier 0100.16d3.e29f.b4
    client-name Notebook1
    lease 0 1
    !
    !
    ip cef

    ip name-server (dns1)
    ip name-server (dns2)
    ip inspect name myfw ftp timeout 3600
    ip inspect name myfw realaudio timeout 3600
    ip inspect name myfw smtp timeout 3600
    ip inspect name myfw tftp timeout 30
    ip inspect name myfw udp timeout 15
    ip inspect name myfw tcp timeout 3600
    !
    !
    !
    username (myname) privilege 15 secret 5 XXXXXXXXXXXXXXXXXXXXXXXXXXXX
    !
    !
    !
    !
    !
    interface Ethernet0
    ip address 192.168.1.200 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    no cdp enable
    hold-queue 32 in
    interface Ethernet1
    ip address (secondary public ip) 255.255.255.248 secondary
    ip address (primary public ip) 255.255.255.248
    ip nat outside
    ip virtual-reassembly
    duplex auto
    no cdp enable
    !
    interface Ethernet2
    no ip address
    shutdown
    !
    interface FastEthernet1
    duplex auto
    speed auto
    !
    interface FastEthernet2
    duplex auto
    speed auto
    !
    interface FastEthernet3
    duplex auto
    speed auto
    !
    interface FastEthernet4
    duplex auto
    speed auto
    !
    ip route 0.0.0.0 0.0.0.0 (gateway ip)
    no ip http server
    ip http authentication local
    no ip http secure-server
    ip http max-connections 4
    ip http timeout-policy idle 600 life 86400 requests 10000
    !
    ip nat inside source list 10 interface Ethernet1 overload
    ip nat inside source static tcp 192.168.1.115 80 (secondary public ip) 80 extendable
    !
    access-list 10 permit 192.168.1.0 0.0.0.255
    access-list 100 permit tcp any host 192.168.1.115 eq www
    access-list 111 permit icmp any any administratively-prohibited
    access-list 111 permit icmp any any echo
    access-list 111 permit icmp any any echo-reply
    access-list 111 permit icmp any any packet-too-big
    access-list 111 permit icmp any any time-exceeded
    access-list 111 permit icmp any any traceroute
    access-list 111 permit icmp any any unreachable
    access-list 111 permit udp any eq bootps any eq bootpc
    access-list 111 permit udp any eq bootps any eq bootps
    access-list 111 permit udp any eq domain any
    access-list 111 permit esp any any
    access-list 111 permit udp any any eq isakmp
    access-list 111 permit udp any any eq 10000
    access-list 111 permit tcp any any eq 1723
    access-list 111 permit tcp any any eq 139
    access-list 111 permit udp any any eq netbios-ns
    access-list 111 permit udp any any eq netbios-dgm
    access-list 111 permit gre any any
    access-list 111 deny ip any any
    access-list 112 deny tcp any any eq ftp
    access-list 112 permit ip any any
    !
    control-plane
    !
    !
    line con 0
    exec-timeout 120 0
    login local
    no modem enable
    stopbits 1
    line aux 0
    line vty 0 4
    access-class 23 in
    exec-timeout 120 0
    login local
    length 0
    !
    scheduler max-task-time 5000
    end

  • #2
    Re: Cisco 831 forward problem - access-list????

    Thanks for posting the config, but what's your QUESTION?
    ** Remember to give credit where credit is due and leave reputation points where appropriate **



    • #3
      Re: Cisco 831 forward problem - access-list????

      Hi to all,

      I'm trying to configure my Cisco 831, but the port forwarding doesn't function.

      I want to forward port 80 of my secondary public IP to the local HTTP server.


      Please help me



      • #4
        Re: Cisco 831 forward problem - access-list????

        Looking at your configuration, I see ACLs defined but not applied, and I see an ACL on the vty ports but no corresponding ACL. Not sure if this is an accurate replication of the configuration or if you are missing the need to apply the ACLs.


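The check that post #4 does by eye, as an added example (not part of the original thread and not Cisco tooling): it lists numbered ACLs that are defined but never referenced, and ACL numbers that are referenced but never defined. The sample is a constructed excerpt of the posted config with IOS indentation restored, and only three reference forms are recognised (`ip access-group`, `access-class`, `ip nat ... source list`).

```python
import re

# Constructed excerpt of the ACL-related lines from the config in post #1
# (the "(secondary public ip)" placeholder is kept exactly as posted).
SAMPLE_CONFIG = """\
interface Ethernet0
 ip nat inside
interface Ethernet1
 ip nat outside
ip nat inside source list 10 interface Ethernet1 overload
ip nat inside source static tcp 192.168.1.115 80 (secondary public ip) 80 extendable
access-list 10 permit 192.168.1.0 0.0.0.255
access-list 100 permit tcp any host 192.168.1.115 eq www
access-list 111 deny ip any any
access-list 112 permit ip any any
line vty 0 4
 access-class 23 in
"""

DEFINE = re.compile(r"^access-list\s+(\d+)\s")
# Where a numbered ACL can be referenced (subset of IOS syntax, enough here).
REFERENCES = [
    re.compile(r"^ip access-group\s+(\d+)\s+(?:in|out)"),
    re.compile(r"^access-class\s+(\d+)\s+(?:in|out)"),
    re.compile(r"^ip nat (?:inside|outside) source list\s+(\d+)\s"),
]

def audit_acls(config_text):
    """Return numbered ACLs defined but unused, and used but undefined."""
    defined, referenced, context = set(), {}, "global"
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        if not raw[0].isspace():  # unindented line starts a new config context
            context = line if line.startswith(("interface ", "line ")) else "global"
        m = DEFINE.match(line)
        if m:
            defined.add(m.group(1))
            continue
        for pat in REFERENCES:
            m = pat.match(line)
            if m:
                referenced.setdefault(m.group(1), []).append(context)
    return {
        "defined_not_applied": sorted(defined - set(referenced), key=int),
        "applied_not_defined": {n: w for n, w in referenced.items() if n not in defined},
    }
```

On the sample, ACL 10 is the only list in use (by the NAT overload rule); 100, 111 and 112 are reported as unapplied, and 23 as referenced on `line vty 0 4` without a definition.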