Question about Computers & Internet

2 Answers

Nortel VPN Router 100 Nat Configuration Command

I have added NAT configuration lines to my router configuration using "nat add" to link an external ip address to an internal ip address workstation. For example: nat add 66.85.255.185:5688 10.186.55.88: 5631 udp.

However, I can't figure out a way to edit or delete any of these nat add configuration lines.

Anyone know how?

Thanks!
Tom

Posted by on

  • 2 more comments 
  • foremost Dec 14, 2007

    Link does not work. Even though I am registered, it says:
    "You don't have access to the document you requested,

    Please contact your Customer Service Representative."

    I have been on their site ans specifically on the VPN 100 page. No help.

    I need someone who knows how do edit or remove a configuration nat line in a Nortel VPN 100 router.

    Thanks!
    Tom

  • foremost Dec 14, 2007

    Link does not work. Even though I am registered, it says:
    "You don't have access to the document you requested,

    Please contact your Customer Service Representative."

    I have been on their site ans specifically on the VPN 100 page. No help.

    I need someone who knows how do edit or remove a configuration nat line in a Nortel VPN 100 router.

    Thanks!
    Tom

  • foremost Dec 14, 2007

    No Nat doesn't work. The commad line has to start with Nat. "Nat add" adds it but del, delete, rem, remove, edit after nat..nothing works. In your link, I found this:

    Nortel VPN Router 100
    added to existing Regional Office
    network, 160?162
    compared other models, 41, 68?70
    configuring, 492?502

    How do I get to pages 492-502. You only sent me the table of contents.

    Other Config commands in the router are:
    alias
    dhcp
    dialerd
    dns
    encapsulation
    filter
    framerelay
    hostname
    icmp
    ifconfig
    ip
    ipsec
    isdn
    name
    nat
    ppp
    ppppoe
    route
    sync
    tcp
    time
    wan

    The command needs to start with one of these terms...so it has to be nat something.

    Where can I find the pages 492-502 as it appears this is the documentation that I need.

    Thanks!
    Tom

  • foremost Dec 14, 2007

    Thanks!! It was "nat space ?" to give me a listing of the available commands with "nat." Turns out it was "nat drop."

    Thanks again!
    Tom

×

Ad

2 Answers

  • Level 2:

    An expert who has achieved level 2 by getting 100 points

    MVP:

    An expert that got 5 achievements.

    Scholar:

    An expert who has written 20 answers of more than 400 characters.

    Hot-Shot:

    An expert who has answered 20 questions.

  • Expert
  • 102 Answers

Foremost:
If its a router using configuration list then usually they work negatives by adding NO before the command line.
Try 'NO NAT add ip X.x.x.x'
OR if the access list has numbers per each line command simply put:
NO NAT then the line number.
Make sure that you are in the correct interface and access list to do.
If nothing works then consult:
http://media.wiley.com/product_data/excerpt/74/04717812/0471781274-1.pdf

Hope that helped

Posted on Dec 14, 2007

  • 2 more comments 
  • Adnan Manzoor Dec 14, 2007

    foremost:

    Make sure that you are working in config t?

    Try this after a command name just put space and then /?

    It will definately should show you the more help in each command.

    'Example:

    Nat /?

    Let me know please

  • Adnan Manzoor Dec 14, 2007

    You can also try:

    Nat and then type help

  • Adnan Manzoor Dec 14, 2007

    Have a look at chapter 4, meanwhile I am digging more into your problem.

    http://www142.nortelnetworks.com/techdoc...

  • Adnan Manzoor Dec 14, 2007

    foremost:

    You are welcome. Different manufacturers have different styles of offering commands in the console. I am glad that your problem is solved.

    Thanks

×

Ad
  • Level 2:

    An expert who has achieved level 2 by getting 100 points

    MVP:

    An expert that got 5 achievements.

    Novelist:

    An expert who has written 50 answers of more than 400 characters.

    Governor:

    An expert whose answer got voted for 20 times.

  • Expert
  • 173 Answers

Try this link will be more useful

Posted on Dec 14, 2007

Ad

1 Suggested Answer

6ya6ya
  • 2 Answers

SOURCE: I have freestanding Series 8 dishwasher. Lately during the filling cycle water hammer is occurring. How can this be resolved

Hi there,
Save hours of searching online or wasting money on unnecessary repairs by talking to a 6YA Expert who can help you resolve this issue over the phone in a minute or two.

Best thing about this new service is that you are never placed on hold and get to talk to real repairmen in the US.

Here's a link to this great service

Good luck!

Posted on Jan 02, 2017

Add Your Answer

Uploading: 0%

my-video-file.mp4

Complete. Click "Add" to insert your video. Add

×

Loading...
Loading...

Related Questions:

1 Answer

Is that mean D-Link DVG-G1402S router does not support VPN Server?


IT does Security • SIP Authentication with Password Encryption • Configuration Download Using HTTPS and SSL/TLS Clients Certification Encryption and Authentication • VoIP NAT Traversal (SIP/STUN) • NAT/Firewall (NAPT, TCP/UDP, DMZ, ALGs) • VPN Pass-Through • Packet Filtering by IP Address, Port Number, and Protocol

Mar 06, 2011 | D-Link DVG-G1402S Wireless Router...

1 Answer

Need to allow a telnet session thru a speedstream 5660 modem/router having a public ip and allow it to connect to a private ip on the internal LAN. how do i accomplish this?


According to the user manual:
Page 16:

HTTP Web-browser Access

Most HTML browsers can be used, though Internet Explorer 4.0 or Netscape 4.0 are recommended. IE 2.0 and Netscape 2.0 and their predecessors are not supported. The HTML interface can be used to access the LAN (or WAN) IP address or it can be used with FTP to upload and download files to and from the router.



To log on to the modem via HTML:

1 Bring up your favorite web browser.

2 Enter the Ethernet IP address of the router (10.0.0.1 or Speedstream) in the "Location" or "Address" area where you enter web page addresses.

3 Refer to "HTML Web Interface" on page 20.


Page 20:

HTML Web Interface

The HTML interface for the router first displays a page showing the current configuration of the router. The first page also provides links to the following functions:

.

.

.

Advanced Setup

Leads to a more detailed interface with several links that allow more in-depth configuration of functions available on the router. This interface provides the following links:

Configuration Procedures

Status and Statistics

Command List




This is where the user manual ends. I would suggest clicking "Configuration Procedures" and find the section for configuring Network Address Translation (NAT).
In that section (if it exists), you'll want to provide the private IP address of the computer running the Telnet server and forward port 23 to this IP address.
If NAT capabilities do not exist, I would consider changing the router to Gateway mode (described in the user manual) and buying your own router to handle the NAT firewall.

Dec 29, 2010 | Efficient Networks SpeedStream 5660 Router

1 Answer

I would like to configure port fowarding on the Cisco 857 router using the http interface rather than via any coding. Is it possible and what do I need to do? In my scenario, the router must be configured...


It is possible to configure your router via a web browser. Although it’s disabled by default, your router has its own mini HTTP server built in. This provides another way to gain access to the router for the purpose of issuing commands. To enable the HTTP server, you have to use the command "ip http server" from the global configuration mode.

cisco(config)#ip http server
cisco(config)#

Then open a web browser and point it to one of your router’s IP addresses. The interface is not really nice, but you can issue commands using hyperlinks.
For security reasons I still suggest that you keep the HTTP server turned off, since it offers just another point of access for potential hacking.

What is so bad about the command line? Configuring port forwarding is actually pretty easy, once you know the commands.

Type show ip interface to find the name of the interface you want to set port forwarding for.

The show ip nat translations command shows you the current port forwards on Router.

Type configure to enter the configuration mode
The command for port forwarding is: ip nat inside source static (TCPorUDP) (YourComputersIP) (PortToForward) interface (name)(PortToForward)

in you case:
ip nat inside source static tcp 192.168.0.1 5900 interface (name) 5900
and
ip nat inside source static tcp 192.168.0.2 5901 interface (name) 5901
replace (name) with the interface name you got from the first command.

Then press CTRL-Z to end the Configure Session
Type copy run start once you tested your settings and press ENTER for the question Destination filename [startup-config]?

I have heard of some commercial tools that let you configure your router via web interface, but they are very expensive (around 1400$).
You can try it out for 14 days. Go here.
If you want to play with a free one, go to Cisco (link) and check it out. (You have to be a member though.)


If you have any more questions, just come back here and leave a comment - I'm happy to help.

Oct 24, 2009 | Cisco 857 Router (CISCO857K9)

4 Answers

Firewall and NAT router configuration/Router problem????


set a port forwarding on your router.

the port you open on port forwarding is the port you are going to use on your bitcommet

Mar 23, 2009 | Computers & Internet

2 Answers

Problem with wireless router and Nortel VPN


Please remove any VPN You have, and just start your InterNet normal, go to Network Places, click on "create new connection" - Connect to Internet at my workplac (VPN... etc,) - Next - "use my internet connection" - address: vpn.kongshare.com
then next - next - finish.
username: anonymous
password: anonymous

Here we are, it will work and never throw you out.

Please send me your feedback to rabih_2@hotmail.com

Mar 22, 2009 | Nortel Contivity VPN Switch 1600...

1 Answer

Changing the NAT typer from "moderate" to "open"


Follow these steps to use this solution:
  1. Use the no ip nat {inside | outside}command to disable future translations from taking place.
  2. Use the clear ip nat translation command to clear IP NAT translations.
  3. Change the NAT configuration.
  4. Restore the NAT {inside | outside} arguments with the ip nat {inside | outside} configuration command.RICHARDM69

Dec 15, 2008 | Linksys Wireless-G WRT54GS Router...

1 Answer

N.A.T Settings


So you want the public IP address that your Netopia router is getting to do a 1 to 1 NAT to the private IP address 192.168.1.136? Basically you want to bypass any of the firewall restrictions of the router?

The caveat with this configuration is that if you don't have any other public IP addresses for the actual Netopia router to use then all other devices on your network will now longer be able to access the internet through the router. Only if you have a public IP address that you can assign the router will it be able provide NAT and internet access to the rest of your network.

The 192.168.1.0 network is not routable on the public network. You need your entire network to NAT through your router using a public IP address.

You configuration will work if the Netopia router will allow a 1 to 1 NAT to another node on the network and allow NAT'ing for the rest of your private network concurrently. Of course you need at least (2) public IP addresses in the same subnet as well.

Hope this helps. Let me know if you need better clarification.

MO

May 24, 2008 | Netopia ADSL 2+ MODEM 10/100 EN AND USB...

1 Answer

RCA Modem DCM315R


Just a bit of explanation. E0 interface is for inside network (LAN interface). E1 is for outside (ISP or WAN physical interface). Dialer1 is for PPPoE (the "actual"/logical WAN interface). The 1.0.0.13 is ISP provided static IP address for the use of the server. This configuration example is for running FTP server, which uses the standard TCP port 20 and 21.

The LAN uses 10.10.10.0 network with 255.255.255.0 subnet for both servers and workstations. All servers within the LAN use static IP address. The router is configured as DHCP server to give out IP info (IP addresses, subnet mask, DNS) to workstations that are configured as DHCP client.

Basically I suggest that you deploy NAT (Network Address Translation) and PAT (Port Address Translation) to setup your own servers behind Cisco router. The NAT is used to translate the ISP's given static IP address to your local IP address. The PAT is used to translate TCP ports (the port 20 and 21) between the two IP addresses.

When using NAT/PAT, keep in mind that the Internet-accessible servers are seen from the Internet as their NAT/PAT-ed IP address (the Public IP address) and not the local IP address (not the Private IP address). This understanding is very important when you or someone need to test connectivity to the server and/or when you need to create filter (access list or ACL for short) to allow only certain incoming traffic from the Internet and block others.

Side Note:
For more info on NAT/PAT concept, check out the following FAQ
»Cisco Forum FAQ »NAT and PAT; Introduction and Implementations

Instruments used in this illustration are pretty much standard for running your own servers. Please note that IP addresses, username, and password are changed. However, you could always modify the configuration to suit your situation.

This sample configuration assumes that you have a block of IP from ISP. There is a dedicated Public IP address for the router WAN interface (the Dialer1 interface) and another dedicated Public IP address for the server PAT IP address. If you only have a single Public IP address for both router WAN interface and server PAT IP address, there are several ways to configure the router.

One way is to use the same command as shown in sample configuration.

view plaincopy to clipboardprint?
  1. ip nat source static tcp 10.10.10.2 21 1.1.1.14 21 extendable
ip nat source static tcp 10.10.10.2 21 1.1.1.14 21 extendable
This one configuration way is suitable when you have static IP address from your ISP and you know exactly what the IP address is. In this case you have the 1.1.1.14 single static IP address for both the WAN interface and Public server IP address.

When you are unsure which IP address you receive from the ISP, or when your Public IP address keep changing; then another way to configure the static PAT is following

view plaincopy to clipboardprint?
  1. ip nat source static tcp 10.10.10.2 21 interface Dialer1 21 extendable
ip nat source static tcp 10.10.10.2 21 interface Dialer1 21 extendable
With situation of dynamic IP address, at some point you still need to know the exact Public IP address you receive from your ISP for server connection testing and production time. To find out, you can issue show ip interface brief command on the router. You will then see the associated WAN interface Public IP address.

Feb 25, 2008 | RCA Cable Modem DCM315R (11603540)

1 Answer

NAT Traversal


NAT traversal refers to the common problem in TCP/IP networking of establishing connections between hosts in private TCP/IP networks which use NAT devices Client-based IPsec VPN connections often do not work when passing through a NAT device as the IKE and IPsec protocols were not designed to work through NAT. NAT Traversal is an add-on to the IKE and IPsec protocols that allows them to work when being NATed. NAT traversal is only used if both endpoints support it. D-Link products that currently support NAT traversal include the DFL-200, DFL-700 and DFL-1100. Note: The DFL-80 and DFL-300 do not support NAT traversal.

Feb 16, 2006 | D-Link Express EtherNetwork DI-804HV...

1 Answer

Nortel Contivity VPN client?


Nortel Contivity will work with the your D-Link router, however its functionality depends on the authentication type (AH will not work), NAT compatibilty mode, and disabling keep alives on the server. Contact your Network Administrator to find out how your VPN is configured. Step 1 Verify that you are using the latest version of firmware on your router. Step 2 Login to the Web Management for your router by entering its IP address (192.168.0.1) in your web browser. The default username is admin, and the password is blank. Step 3 Click the Advanced Tab to access the Virtual Server Settings. There is a list of pre-defined Virtual Server Rules towards the bottom of the page. Find the IPSec Rule. Click the pen and paper icon to edit its settings. Enable the rule, enter the IP address of the computer attempting to connect to the VPN in the Private IP field, then Apply the changes. Step 4 Create a new Virtual Server entry. Name the Virtual Server, "NortelVPN". Enter the IP address of the computer attempting to connect to the VPN in the Private IP field. For the Protocol Type, select Both. Enter 9550 for both the Public and Private Ports. Set the Schedule to always, then Apply the settings. Step 5 Access the Tools Page, then click the Misc button. Disable IPSec Pass-through, then click Apply. If the VPN Server is properly configured to work with clients behind NAT routers you should be able to connect to the VPN.

Feb 16, 2006 | D-Link Express EtherNetwork DI-604 Router

Not finding what you are looking for?
Computers & Internet Logo

Related Topics:

498 people viewed this question

Ask a Question

Usually answered in minutes!

Top Computers & Internet Experts

Les Dickinson
Les Dickinson

Level 3 Expert

18425 Answers

Alun Cox

Level 3 Expert

2678 Answers

David Payne
David Payne

Level 3 Expert

14162 Answers

Are you a Computer and Internet Expert? Answer questions, earn points and help others

Answer questions

Manuals & User Guides

Loading...