Re: Cisco 806 Help

From: Jeff Grossman (jeff@stikman.com)
Date: 06/04/02 

From: Jeff Grossman <jeff@stikman.com>
Date: Mon, 03 Jun 2002 22:18:46 GMT

Jeff Grossman <jeff@stikman.com> wrote:
> Thanks for the information. I guess I am not making myself very clear.
> Which I am not. I have read the documentation that came with the router,
> and have figured out a couple of things. But, I was looking for some
> sites which might have some examples that are close to my setup. Here is
> what I am trying to do:
>
> My ISP has supplied me with 5 new IP numbers. Lets say they are
> 168.1.1.5, 168.1.1.6, 168.1.1.7, 168.1.1.8, and 168.1.1.9. The subnet
> mask is 255.255.255.248 with a gateway of 168.1.1.4
>
> 1. I want to use 168.1.1.5 as a NAT address to all of my computers in the
> office. I am using 192.168.168.* as the internal addresses of my network.
> The router will become 192.168.168.254.
>
> 2. I want all traffic destined for IP number 168.1.1.6 to go to internal
> IP 192.168.168.15 via One To One NAT. But, I only want to open up ports
> 25, 110, and 143 for that particular IP.
>
> 3. I want all traffic destined for IP number 168.1.1.7 to go to internal
> IP 192.168.168.229 via One To One NAT. But, I only want to open up port
> 123 for that particular IP.
>
> 4. I will not be using the last two IP's as this time. But, might
> configure more One To One NAT for those.
>
> Does anybody have a site which could show me an example configuration for
> that, or can anybody help me with this setup?
>
Okay, I think I have most of it figured out now. But, these access-lists
are killing me. I was able to ping my gateway, but now I can't. I can't
figure out the access-lists for getting my clients to see the internet.

Jeff 

---
Jeff Grossman (jeff@stikman.com)

Relevant Pages

  • Re: Microsoft Worm
    ... > securing their machines and who require full access to the internet. ... > every provider imposed NAT on their customers and started blocking ports, ... As for NAT, I've always had a NAT system on my home internet connection ...
    (alt.computer.security)
  • Re: EBS 2008, TMG and external firewall. Dont want double NAT
    ... This is done because Exchange is bound to the internal interface and leaves the external interface to be *completely* controlled by TMG...a good security guideline by the way. ... If you are disabling NAT then you'll need to change this from a publishing rule to an access rule, but it should still work fine. ... The first is an access rule allows traffic from the internal IP to the external interface and to the messaging server ... One of the default rules is an "internet access for all users" that allows http and https by default. ...
    (microsoft.public.windows.server.sbs)
  • Re: Routing and Remote Access NAT - I need to modify TTL
    ... with two interfaces: PUBLIC (internet) and PRIVATE ... use it as a gateway, they can access hosts on the PUBLIC interface, TTL is ... but the replay that comes back to the NAT ... They relay on the fact that client computers accept packets with TTL=0, ...
    (microsoft.public.windows.server.networking)
  • Re: Routing and Remote Access NAT - I need to modify TTL
    ... with two interfaces: PUBLIC (internet) and PRIVATE ... use it as a gateway, they can access hosts on the PUBLIC interface, TTL is ... but the replay that comes back to the NAT ... They relay on the fact that client computers accept packets with TTL=0, ...
    (microsoft.public.windows.server.networking)
  • =?iso-8859-1?Q?Re:_VPN_zur_LAN-=B4LAN=B4_Kopplung=3F?=
    ... User, hat aber ein NAT davor, das alle Ports zu macht. ... Aus dem Internet kommt also nichts durch :-( ... Open VPN hatte ich mir schon mal angeschaut. ...
    (microsoft.public.de.german.windows.server.networking)