Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




1 post

Wannabe Geek


#153881 11-Oct-2014 04:45
Send private message

Hi

I have set up my CISCO 887 ADSL router and it works for internet traffic i.e. machines on my inside network can get on the internet OK.
I have added a port forward for remote desktop on port 3389 to redirect to a local machine and this also works i.e. I can RDT into the machine in my network on 10.1.0.4.

What I need to do now is lock down the port forwarding ive set up on 3389 so it only accepts traffic from a single static ip address.

This is the config I have so far
Dialer ....
interface Dialer0
 ip address negotiated
 no ip redirects
 no ip unreachables
 ip nat outside
 ip virtual-reassembly in
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 ppp chap hostname
 ppp chap password 0
 no cdp enable
!
Routing...
!
ip nat inside source list 100 interface Dialer0 overload
ip nat inside source static tcp 10.1.0.4 3389 interface Dialer0 3389
ip route 0.0.0.0 0.0.0.0 Dialer0
!
Access List...
access-list 100 permit ip 10.1.0.0 0.0.0.255 any

So what I think I need to do is to modify...
ip nat inside source static tcp 10.1.0.4 3389 interface Dialer0 3389
to something like
ip nat inside source static tcp 10.1.0.4 3389 xxx.xxx.xxx.xxx 3389 where xxx.xxx.xxx.xxx 3389 is my fixed IP i want to allow traffic from.

I have tried this any if I replace Dialer0 with an IP address, it just doesn't work.

If anyone has any ideas or links it would be much appreciated

thanks

Andy

Create new topic
463 posts

Ultimate Geek


  #1151696 11-Oct-2014 08:59
Send private message

I'm a bit rusty on Cisco, but I don't believe you can control it like that from the NAT config.  I'd look at setting up a firewall ACL (probably a good idea anyway), and allowing 3389 inbound from your trusted source.

Create new topic




News »

Freeview On Demand app launches on Sony Android TVs
Posted 6-Aug-2020 13:35


UFB hits more than one million connections
Posted 6-Aug-2020 09:42


D-Link A/NZ extends COVR Wi-Fi EasyMesh System series with new three-pack
Posted 4-Aug-2020 15:01


New Zealand software Rfider tracks coffee from Colombia all the way to New Zealand businesses
Posted 3-Aug-2020 10:35


Logitech G launches Pro X Wireless gaming headset
Posted 3-Aug-2020 10:21


Sony Alpha 7S III provides supreme imaging performance
Posted 3-Aug-2020 10:11


Sony introduces first CFexpress Type A memory card
Posted 3-Aug-2020 10:05


Marsello acquires Goody consolidating online and in-store marketing position
Posted 30-Jul-2020 16:26


Fonterra first major customer for Microsoft's New Zealand datacentre
Posted 30-Jul-2020 08:07


Everything we learnt at the IBM Cloud Forum 2020
Posted 29-Jul-2020 14:45


Dropbox launches native HelloSign workflow and data residency in Australia
Posted 29-Jul-2020 12:48


Spark launches 5G in Palmerston North
Posted 29-Jul-2020 09:50


Lenovo brings speed and smarter features to new 5G mobile gaming phone
Posted 28-Jul-2020 22:00


Withings raises $60 million to enable bridge between patients and healthcare
Posted 28-Jul-2020 21:51


QNAP integrates Catalyst Cloud Object Storage into Hybrid Backup solution
Posted 28-Jul-2020 21:40



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.