1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Port forwarding in Cisco router

Discussion in 'Networking' started by mgerman, Nov 4, 2009.

Thread Status:
Not open for further replies.
Advertisement
  1. mgerman

    mgerman Thread Starter

    Joined:
    Jun 16, 2009
    Messages:
    12
    Hi all. I have very little experience with Cisco routers and was hoping to get some help. I'm trying to setup TightVNC for a client to use to remotely access their work computer. I have installed the "server" TightVNC module one the work system and the "Viewer" module on the remote system. I've checked and double checked TightVNC setup parameters and have found it needs ports 5800 & 5900 open (by default).
    Here's the stickler. They have a Netopia router. I found no model number on the unit. The SN is 32646660.
    I can access the routers internal IP address and I get a web based app called Cisco ADM 5.2(3). Device type: ASA5505,
    ASA version: 7.2(3).
    In the device, I went to the "Security" tab and added ports 5800, 5900 as "allowed" from interface "all" to interface "all".
    Then I went to port forwarding and specified for port 5800 TCP, incoming from WAN IP to forward to 192.168.1.50 which is the static IP address of the work system. Same setup with port 5900.
    I made sure both port numbers are open in firewalls on both computers.
    I can't get the remote machine to connect to the server.
    When I run a port test on the WAN address of the router, it shows the ports are still closed.
    Can anyone give me very explicit instructions for exactly how to setup the Cisco router to allow this?

    Thank you in advance!
    Marty
     
  2. zx10guy

    zx10guy Trusted Advisor

    Joined:
    Mar 30, 2008
    Messages:
    4,371
    It looks like you have two devices in your chain to get out to the internet. The Netopia router and a Cisco ASA 5505 firewall. I haven't played with the web GUI for the 5505 but there should have been a button to download the ASDM locally to your desktop and to be able to launch it.

    You need to map out your network as it doesn't seem like you know how these devices interact. The Netopia router could be in bridged mode or it can be running as a modem/router. You need to figure out what is happening here. Who configured the network for you? Cisco is getting better with having their devices run out of the box with a basic configuration, but you still have to do some minor configuration changes to get the firewall to work. The reference to interface "all" to interface "all" makes no sense. The PIX/ASA firewalls work off the notion you have to name each interface. Typically one interface is called inside and another called outside. Obviously, the outside interface is your WAN connection and the inside is your private side. You also have to set security levels for each interface.
     
  3. mgerman

    mgerman Thread Starter

    Joined:
    Jun 16, 2009
    Messages:
    12
    zx10guy, thank you for your reply. I think you're right that there must be 2 devices... the Cisco and the Netopia. This is a client's network that I was just called in on. I'm not very familiar with it yet.

    The IP address on the work computer is 192.168.1.50 (static). Ipconfig/all shows the gateway as 192.168.1.1. That's the IP I put in the web browser to access whichever device and I get the Cisco ASDM. The computer is physically connected to the Netopia. Doesn't that indicate the Netopia is in "pass through" mode and not affecting this?

    I'm going to go back over and look over the physical layout better but I'm tyring to get as much info as I can before I do.
    Forgetting what I said I did in the Cisco (I can delete my entries and start over), can you tell me how to set it up correctly?

    Thanks again,
    Marty
     
  4. zx10guy

    zx10guy Trusted Advisor

    Joined:
    Mar 30, 2008
    Messages:
    4,371
    The picture of the physical layout still doesn't jive. If the Netopia is acting as a modem to the ISP, the ASA should be connected to the Netopia and then the workstations would then connect up to the ASA. You need to get a thorough understanding of how the physical layout is of this network.

    Why are they asking you to do this? Obviously, they had someone at one point come in and configure their network for them.
     
  5. mgerman

    mgerman Thread Starter

    Joined:
    Jun 16, 2009
    Messages:
    12
    zx10guy:

    Yes they did used to have another IT company. I came in one day and found that none of their computers even had antivirus on them. They had been calling the company out every few weeks to "clean" up their systems and paying them outrageous bucks to do it.

    I'm taking care of it for them now. I do know what I'm doing, I just didn't get a chance to spend much time getting the layout down and was hoping to get some pointers on the Cisco before going back.

    I have my A+, Net +, MCP, MCSA & MCSE - Server 2003 certifications. I just don't have the Cisco experience or training.

    If anyone can give me any pointers with that, the Cisco setup, please do so. Thank you!

    Marty
     
  6. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/874453