How come I can't telnet to my router? [7:42444]

2002-04-24 Thread Ricky Chan 

Hi all,

I configured a cisco 2600 router behind a ADSL router. It is working
perfect, but I can't telnet to my router from outside, it said the target
machine actively refused it. I pasted my router's configuration below,
please advice. 

Thanks

Ricky



!
version 12.2
no service pad
service tcp-keepalives-in
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname DSL
!
enable secret 5 $1$fJh4$53q/uqBz6lsMHGhw.ex49.
!
ip subnet-zero
!
!
ip name-server 141.155.0.68
ip name-server 141.154.0.68
ip name-server 10.0.0.1
ip dhcp excluded-address 10.0.0.200
!
ip dhcp pool dsl
   import all
   network 10.0.0.0 255.255.255.0
   default-router 10.0.0.200 
   dns-server 141.155.0.68 141.154.0.68 10.0.0.1 
!
vpdn enable
!
vpdn-group ppoe
 request-dialin
  protocol pppoe
!
!
!
!
!
!
!
!
fax interface-type fax-mail
mta receive maximum-recipients 0
!
!
!
!
interface Ethernet0/0
 ip address 10.0.0.200 255.255.255.0
 ip nat inside
 ip route-cache flow
 ip tcp adjust-mss 1452
 full-duplex
!
interface Serial0/0
 no ip address
 shutdown
!
interface Ethernet0/1
 no ip address
 ip route-cache flow
 no keepalive
 half-duplex
 pppoe enable
 pppoe-client dial-pool-number 1
!
interface Serial0/1
 no ip address
 shutdown
!
interface Dialer1
 ip address negotiated
 ip mtu 1492
 ip nat outside
 encapsulation ppp
 ip route-cache flow
 dialer pool 1
 dialer-group 2
 ppp authentication chap callin
 ppp chap hostname [EMAIL PROTECTED]
 ppp chap password 7 11243026324158
!
router eigrp 100
 network 10.0.0.0
 network 192.168.100.0
 no auto-summary
 no eigrp log-neighbor-changes
!
ip nat inside source list 1 interface Dialer1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
no ip http server
ip pim bidir-enable
!
!
access-list 1 permit 10.0.0.0 0.0.0.255
access-list 2 permit any
access-list 3 deny   any
dialer-list 2 protocol ip permit
dialer-list 2 protocol ipx permit
no cdp advertise-v2
!
call rsvp-sync
!
!
mgcp profile default
!
dial-peer cor custom
!
!
!
!
line con 0
 exec-timeout 5 0
line aux 0
line vty 0 4
 exec-timeout 5 0
 password 7 051C050720
 login local
!
!
end




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=42444t=42444
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: How come I can't telnet to my router? [7:42444]

2002-04-24 Thread Chris Charlebois 

It's because you are running NAT overloaded.  It assumes that all traffic it
receives on the dialer interface is destined for a machine on the inside and
not for itself.  Since there is no static mapping, and no dynamic mapping
for telnet, it is refused.  That is assuming you are coming in over the
dialer interface.



Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=42446t=42444
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: How come I can't telnet to my router? [7:42444]

2002-04-24 Thread Chris Charlebois 

Oh, how rude of me.  I explained the problem without offering a solution. 
The easiest (and least likely, considering it appears to be residencial DSL)
is multiple IP addresses.  A secondary address that is not a part of the NAT
pool could be addressed from the outside.  The next easiest (I hesitate to
say next best, becuase this option is more secure) solution is to create a
static NAT map for telnet (port specific) to an internal box (anything with
telnetd will work).  Then you can telnet from there to the ethernet
interface of the router.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=42447t=42444
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]

RE: How come I can't telnet to my router? [7:42444]

2002-04-24 Thread Michael Williams 

Ricky Chan wrote:
 
 Hi all,
 
 I configured a cisco 2600 router behind a ADSL router.

You have your 2660 behind an ADSL Router?  or ASDL Modem?  If you're behind
a DSL router, then you're more than likely being NATed by the DSL router, in
which case you need to create a static port mapping that would send all
incoming (from the internet) traffic on port 23 to go to the IP of the router.

Mike W.


Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=42452t=42444
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]