Jump to content

routing through a cisco router

rstainforth

By rstainforth
in Networks and the Internet

 Share

Recommended Posts

rstainforth

rstainforth

Posted
Posted

Hi all,

I have a cisco 1700 series router, and was wondering if anyone could point me in the right direction for routing remote desktop requests from outside into my home pc?

At the moment I have two pc's and a laptoip behind the router, NAT'ed to my public facing IP, and the only way I can connect to my home machine when I'm at work is to use the corporate VPN connection, however if I'm working on something at home and need to reboot I lose the VPN, or if I want to test something from my home pc (perhaps becasue the network users are complaining they are unable to access a resource over the vpn) I can't do it.

What I'm looking for is the configuration commands to allow a remote desktop to my IP (say 199.99.99.99) to be routed automatically to my PC rather than the kids or the good ladies (so straight to 192.168.1.2 rather than any other).

Any help is appreciated!

oh, and please don't tell me to "google" it, because I'm far too lazy lol

Link to comment
Share on other sites

rendrag

rendrag

Posted
Posted

i've never configured that specific router, but all you would have to do would be to configure a request coming into your router over UDP port 3389 be forwarded directly to your PC at work (if I understand the question)

Link to comment
Share on other sites
CptMurphy

CptMurphy

Posted
Posted (edited)

Well, you are proabably using NAT with overload right? Just add an access list. I'm basing this on what I think you are looking for.

access-list 101 permit ip 199.99.99.99 0.0.0.0 192.168.1.2 0.0.0.0 eq 3389
access-list 101 deny ip 199.99.99.99 0.0.0.0 192.168.1.0 0.0.0.255
access-list 101 permit any any

Change the 3389 if you need to. When your work PC tries to access your LAN, the router will check this ACL, if it sees that the first entry works it routes it to your PC. The second entry is just to make it so that your work PC wont access the rest of your LAN incase, for whatever reason, the first entry doesn't match. So this protects you from accidentally accesing the kid's or the good ladie's PCs. The last entry is to make sure that other traffic gets in. I don't remember about the second ACL entry, you may need to define a port, but I don't think so.

Edited by CptMurphy
Link to comment
Share on other sites
rstainforth

rstainforth

Posted
  • Author
Posted
Well, you are proabably using NAT with overload right? Just add an access list. I'm basing this on what I think you are looking for.

access-list 101 permit ip 199.99.99.99 0.0.0.0 192.168.1.2 0.0.0.0 eq 3389
access-list 101 deny ip 199.99.99.99 0.0.0.0 192.168.1.0 0.0.0.255
access-list 101 permit any any

Change the 3389 if you need to. When your work PC tries to access your LAN, the router will check this ACL, if it sees that the first entry works it routes it to your PC. The second entry is just to make it so that your work PC wont access the rest of your LAN incase, for whatever reason, the first entry doesn't match. So this protects you from accidentally accesing the kid's or the good ladie's PCs. The last entry is to make sure that other traffic gets in. I don't remember about the second ACL entry, you may need to define a port, but I don't think so.

Sweet, thanks!

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...