Guy...yes, you're correct - I mapped port 23 on the outside to 23 on a
loopback... and one of my study buddies just called and told me it's a new
'feature' of 12.1 and higher to deny incoming on the outside interface.
Some firewall feature gets enabled that prevents inbound telnet to the
outside interface unless that 'conduit' is opened using nat inside source
static. I might downgrade to 12.0 tonight to see if that's true.
-e-
----- Original Message -----
From: "Lupi, Guy"
To: "'EA Louie'" ;
Sent: Wednesday, September 19, 2001 2:03 PM
Subject: RE: NAT and Telnet [7:20362]
> Did you have to map port 23 of the outside interface to port 23 of the
> inside interface?
>
> Something like this:
>
> ip nat inside source static tcp 192.168.1.1 23 208.2.2.2 23
>
> -----Original Message-----
> From: EA Louie [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, September 19, 2001 1:28 AM
> To: [EMAIL PROTECTED]
> Subject: NAT and Telnet [7:20362]
>
>
> I posted this on the Lab list...but I thought some folks here might enjoy
> the
> challenge, too. (Apologies to those who are on both for the cross-post)
>
> I was going to post a "how to" question about NAT, but I figured it out so
I
> thought I'd share the information with the list and challenge you with the
> solution.
>
> When using the address of the outside interface as the NAT overload
address,
> I
> could not telnet into the router. I could ping, but the telnet sessions
> would
> time out.
>
> I came up with a solution - can any of you figure out what it was? And
does
> anyone know the reason that this happens?
>
> -e-
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=20466&t=20362
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
