Koozali.org: home of the SME Server

Legacy Forums => General Discussion (Legacy) => Topic started by: Jason on February 10, 2004, 07:13:05 AM

Title: Cisco Router
Post by: Jason on February 10, 2004, 07:13:05 AM

Hi,

I am new in SME and trying to setup a web/mail server for personal use.

My current setting is like this:

Dynamic IP(ISO)->Cisco 2514 router->SME Server(Server Only).

I had problem in port forwarding for Cisco Router. Is there any command to set port forwarding feature in the cisco router...

Thanks in advance.

 :-)

Title: Cisco Router
Post by: Bernt on February 10, 2004, 09:32:28 AM

This is how it looks in a Cisco PIX Ver 6.33 forwarding ftp and www to a SME server.

object-group service vv56srv tcp
  port-object eq ftp
  port-object eq www

static (inside,outside) tcp interface ftp 192.168.199.10 ftp netmask 255.255.255.255 0 0
static (inside,outside) tcp interface www 192.168.199.10 www netmask 255.255.255.255 0 0

conduit permit tcp any object-group vv56srv any

Title: Cisco Router
Post by: Bernt on February 10, 2004, 09:49:32 AM

Strange?

Title: Cisco Router
Post by: Jason on February 10, 2004, 02:28:21 PM

Hi Bernt,

Thanks for reply the mail...However, I realised that the ISP had blocked all the normal operation port for usage. So it is possibel to forward port 80 to port 3888 to sme server.

Also can the PIX command apply to the cisco router IOS 12.2 also..

Thanks alot...

Title: Cisco Router
Post by: Tudor36 on February 12, 2004, 06:26:46 AM

I don't think you will have to port forward on the router since it will pass all packets to the sme server/internal network with ip routing(static or dynamic routes).  If you are having trouble make sure you do not have any ACLs on the router inbound to the SME server.  

You may also have troubles with the SME firewall if you have it enabled.

I could also see the server not able to listen on the port you are sending it if other then 80.  One way I got around this was in the DNS tables at DYNDNS.org I had the data sent to the port of my desire, 8080 in my case. If the DNS option works you will have to have your server listen on the new port, 8080, or do PAT (Port Address Translation) with in your network.

should look like this:


Dynamic IP(ISO)<inbound port:8080>->Cisco 2514 router-><port:8080>PAT device-><port:80>SME Server(Server Only).

Title: Cisco Router
Post by: Jason on February 12, 2004, 09:58:04 AM

Below is my router configuration.

interface Ethernet0
 description Internet Connection (Cable)
 ip address dhcp
 ip nat outside
 no ip route-cache
 no ip mroute-cache
 no cdp enable
!
interface Ethernet1
 description LAN Connection
 ip address 192.168.16.254 255.255.255.0
 ip nat inside




ip nat inside source list 1 interface Ethernet0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 202.156.240.1 254
no ip http server
!
access-list 1 permit 192.168.16.0 0.0.0.255
access-list 1 remark used for NAT
access-list 1 remark used for NAT
access-list 1 remark used for NAT

I had permit all and didnt apply any ACL to the Inbound.

Need all the expert help out there...Thanks

Title: Cisco Router
Post by: Tudor36 on February 12, 2004, 05:04:06 PM

Did you look at PAT or dns redirect?

Title: Cisco Router
Post by: Jason on February 15, 2004, 03:03:51 PM

Hi Tudor36,

Had registered dyndns custom dns and forward the port but still dont know how to start..Anyone out there uses Cisco 2514 and successful forwarded the non standard Http port ? Can share the configuration with me...I dont own a firewall so PAT may not work..

Thanks to all