NAT / Port Forwarding WRV200

Similar Questions

• VPN site to Site with NAT and Port forwarding on a 871

  Hello

  Could someone please look at the config 871 router attached and tell me where I'm wrong!

  VPNs all work, work, BUT anyone trying to connect to a port that is sent through the VPN port forwarding fails.

  In the config attached Port 3389 (RDP) is sent to an internal server, if you connect to the external interface Internet connection is made and it works well, but if someone tries to connect to the IP address internal to that same server through VPN, it does not.

  We've added commands to stop working on the lines VPN NAT, but these do not seem to work.

  What Miss me?

  Thank you in advance and I will adjudicate all useful responses.

  It is a common problem. Yes you added controls to prevent NAT to work above the tunnel, but your static nat port to port 3389 takes precedence over the generic nat command, and there not all orders top to prevent it is nat would be above the tunnel.

  I wrote an example configuration for this some time, see here for more details:

  http://www.Cisco.com/en/us/Tech/tk583/TK372/technologies_configuration_example09186a0080094634.shtml

  If all goes well, he explains everything. Note that it is for a general order static host, not a static port that you have, but the concept is exactly the same. Just add a statement roadmap on the end of your static command of the port, and this route map - will reference an ACL that denies are used when going up above the tunnel.

• Airport of Port Forwarding is more?

  So I'm pretty new to this network thing. I don't know the technical network terms then please do not use (or at least their simplification). So I managed to set up my ASUS RT - something something router. I also put in some rules to sink my Xbox One anywhere port forwarding. However, I had problems with port forwarding, so I just used the dmz for her service. However, given that I had to move my Xbox to another part of my house with worst network connection, set up a time capsule for the network. After a long time, I managed to do the work, but now I can listen to is no longer my Xbox. My guess is that the port forwarding rules are not carriers, as it connected via ethernet time capsule and the capsule is connected to another time capsule via radio and this time capsule is connected to my ASUS router via ethernet. So my question is: how to transfer the required ports to my Xbox?

  If both of your time Capsules are configured as bridges, the Asus router is the one that needs to be set up on port mapping. The port mapping is used only when a router is configured for routing. In other words, the NAT and DHCP services are enabled. This is the default value for any router.

  Just to make sure that I understand your current network configuration, the following is correct?

  • ASUS > Time Capsule > > > Time Capsule > Xbox, where ' > ' represents a wired connection, and ' > > > ' represents a wireless.

• Port forwarding on WRT54GL does not

  Thanks in advance, trying to track forward setup my linksys WRT54GL allow Remote Desktop from outside your desktop (private static IP).

  I have a configuration of modem netgear in bridge mode (so the firewall is disabled on the modem), and the Linksys WRT54GL Firewall enabled, with "filter internet NAT redirectin" unchecked.

  I also, port rule before the Setup program in the game & Apps, to transfer the TCP 3389 to my office (private) static IP address.

  I make sure firewall is not blocking the RDP traffic, and I can RDP on the desktop to a laptop on the WIFI network.

  But the rest of the world, I can't not RDP using my ISP (dynamic) IP address.  times out.  I don't know that I have the IP address of my ISP at the moment.

  Thoughts?  I present screenshots if necessary

  After further digging... I found the problem, it was with the Windows 7 firewall.

  I made sure 3389 (and RDP application) was allowed on Win Firewall (this is why I could RDP on my WLAN), but for the rule of the RDP, under the "Advanced" tab, I also had to "allow the crossing side.

  It was the first time I set up the port forwarding for a box of Win 7, so didn't even know that this setting exists in Windows 7.

• WAG160Nv2 v2.00.21 Port Forwarding

  Hello my problem is that I was not able to setup port forwarding.

  WAG160Nv2 Firmware V2.00.21 (I think that Schedule A)

  configuration:

  • only the port forwarding: all OFF
  • forwarding port range: 40000 to 54000 two PC ip protocols
  • PC connects with static IP below 192.168.1.100 from where starts DHCP server on the router
  • trigger port range: all OFF
  • QoS (Quality of Service): all OFF
  • DMZ: OF
  • Access restrictions: disabled
  • SPI Firewall / filters / block WAN requests: all OFF
  • VPN Passthrough: OFF
  • Isolation of the AP: OFF
  • NAT: WE
  • RIP: disabled
  • uPnP: OFF (I tried in combination with ALG)
  • IGMP proxy: OFF
  • SIP ALG: OFF (I tried in combination with uPnP)
  • already pressing reset for a long time after the firmware update, lost all the settings (the number of seconds that I have to press it? (I must have tried 30 +) Factory Defaults did the same thing?

  How I checked:

  • Transmission (torrent program): use uPnP or NAT - PMP router is DISABLED, use port = 40101, port test shows closed
  • Nmap Pei 40000-54000 - T4 - A - v 192.168.1.1 which gives «...» All scanned ports 14001 on 192.168.1.1 are closed... »
  • EDIT: also checked http://www.canyouseeme.org/ AND http://www.portchecktool.com/
  • EDIT: have you: netstat - LNP | grep 40101 on my PC
    TCP 0 0 0.0.0.0:40101 0.0.0.0: * LISTEN 26429/transmission.
    tcp6 0 0: 40101: * LISTEN 26429/transmission.

  Thank you very much in advance

  What is your internet IP address, tsester? I think that there is a double NAT on your network. If you get a private IP address, I suggest that you contact your ISP and your current subscription go to full bridge mode. Next, configure the router again based on the new settings and see if it will solve the problem.

• Port forwarding does not work on EA6900

  Please help me to know what is the reason for this port forwarding does not work on my Linksys router:

  Model: EA6900 v1.1
  Firmware version: 1.1.42.161129

  I've set up two ports: TCP 22 and 8070 TCP to 192.168.1.10. (192.168.1.10 is up and running, I can reach the LAN ports).

  Yesterday, I had a live chat with Linksys support we tried to re - download the firmware even, but that did not help. Then factory reset and reconfigure the router did not help either.

  Unchecking "Filter anonymous Internet requests" and disable uPNP didn't help either (they have been suggested in similar topics).

  However, the IP displayed tab troubleshooting/Diagnostics reflect my external IP address (the IP displayed by http://whatismyip.com), which is weird, because I never have IP from my ISP from 100, that is displayed on the Diagnostics tab. So I guess it's a fake display or it relates to access to my router via www.linksyssamrtwifi.com ?

  Anyway I tried the two IPs from the outside, but the transfer simply doesn't work. (It works fine when I use my old router TP-Link).

  Please advise!

  Sorry guys, it seems indeed a double NAT problem. My ISP can detected MAC address change when I started using EA6900 (thinking that I couldn't not need public IP?) and since then he sends me IPs for NAT - ed. It is strange that the same day, he was working with my old router, but now it is even not working with my old router and not even working when I connect directly to my windows PC to my ISP (via PPPoE). I called their support line and they said that they will solve this problem within 72 hours. In any case, thanks for your help!

• Port forwarding on several computers

  Hi I just bought a Wireless Linksys WAG325N router. I usually about 2-3 machines on my network WIFI and I'd like to enable the port forwarding for each of them on a particular port. It is easy to do for a single exact machine - simply type the port number and IP of the computer to the configuration - but the problem is - I would do it for each other: example: enable the port forwarding XXXX for 192.168.1.100, 101 and 102. Help, please? Thank you in advance.

  It is the application load in a sense. You can change the assignment of external ports to resolve the correct internal port on each machine.

  Say for example using rdp that uses (port/protocol) tcp/3389 (RDP client) application actually allows you to change the external port to connect to, if you specify after the investigation period. If for example say we have rdp access to all 3 computers in the outside world. We can configure the port forwarding on every computer

  (Computers)      (internal IP addressort)            (External IP/port)

  COMP A 192.168.0.5:3389 203.x.y.z:3389

  Model B 192.168.0.10:3389 203.x.y.z:3390

  Model C 192.168.0.15:3389 203.x.y.z:3391

  It is the purpose of a router to create routing tables.

  Of course, you will need to remember which ports are assigned to which device.

  It is certainly dependent on the application. Find out if your application or service supports changing the port, ftp, rdp clients, tftp, ssh all do... Most of the 'Good' services are, as those who built it were considered in a NAT environment.

  NAT network address translation =

  Most of the things if not at the level of the applications, services even in windows are tweakable via the registry. I wouldn't say that that if you don't have experience relavent. You potentially make your workstation unusable if you're wrong.

  I hope this helps.

• Port Forwarding problem through 2 routers RVS4000 2 subnets

  I modified a building network to be compliant (Visa) PABP where two router and two subnets are required.

  My original CD building network configuration was designed to allow remote access to a server terminal server via the port forwarding on a RVS4000 router. So cables / modems-> xx.xx.xx.xx wan ROUTER lan 192.168.1.1--> subnet 192.168.1.0 with TCP 3389 Port forwarding for 192.168.1.11 (terminal server).

  The new configuration of the network is composed of two routers RVS4000 on two subnets. So the Modem cable-> wan xx.xx.xx.xx ROUTER1 lan 192.168.2.2-> Subnet 192.168.2.0-> DMZ 192.168.2.14 and the second router wan ROUTER2 lan--> subnet 192.168.1.0 192.168.1.1 192.168.2.1.

  ROUTER1 is configured in Bridge mode and ROUTER2 is configured in router mode. Port forwarding on ROUTER1 to port TCP 3389 is 192.168.2.1 (on ROUTER2 wan port). Port forwarding on Router 2 for the TCP 3389 must 192.168.1.11 port (server address terminal server).

  With this new configuration of network I am able to connect to the Terminal Server remotely. No problem with access to the Internet and the 192.168.2.0 subnet from inside the 192.168.1.0 subnet.

  So I think my problem is through two RVS4000 routers port forwarding. Any help on this problem will be appreciated.

  Thank you.

  1. can you access the terminal server server from inside the subnet 192.168.2.0/24 using the IP WAN to Router 2, which is access 192.168.2.1:3389 from inside 192.168.2.0/24.

  2. turn on Router 2 router in Bridge mode. Try again. My guess is that this will make the work of transfer. I think that port forwarding is linked to the NAT/gateway mode. No NAT no transfer. Is not logical to use the transfer when you are able to access the IP directly without NAT. Of course, the web interface does not allow you to forward a port located outside the LAN subnet...

  3. are you sure that you can access internet through Router 2 in router mode on the LAN subnet router 2? Usually in the NAT their own LAN subnet routers only bridge mode but not others. If the RVS4000 not NAT a different subnet that would be good to know.

• Port forwarding on WRT160N V2

  My Xbox 360 turns in 'Moderate NAT' problems and because of that I can't connect to the games with my friends. A solution to the problem is to port forwarding.

  These are the ports that I'm supposed to open, according to the documentation on the Microsoft Web site:

  • TCP 80
  • UDP 88
  • UDP 3074
  • TCP 3074
  • UDP 53
  • TCP 53

  Where can I enter in the ports and other information?

  Xbox originals on the port forwarding for Xbox 360

  I solved it myself, no thanks to you guys. Enjoy the lack of help on this SUPPORT FORUM.

• Problem with Port Forwarding (When PPTP is upward) in the WRT-160N

  Hello world!

  I'm looking for more help with Port Forwarding in my new Linksys router. I bought the daysago afew router and was pretty surprised when I discovered that there is no DD - WRT firmware is installed in it (the router was 100% NEW when I bought it). I downloaded latest firmware original and flashed Linksys file successfully.

  But I still have the problem (even that I was on DD - WRT firmware too) with the port forwarding for my DC ++ and Vuze (app from torrents): I wrote port forward for ports 49151 (for Vuze) and 4000 (for DC ++) to pass on to my desktop computer (IP 192.168.1.201) - I saw a post on this forum, that there could be a problem If you transfer to an IP address, which is within the local area of DHCP, so I forwarded to IP.201 (my local DHCPzone is 192.168.1.100-. 149) But does not forwardind (())

  What's wrong?

  My configuration:

  Router IP: 192.168.1.1

  PPTP (I my ISP)

  IP address: 192.168.226.127

  Default gateway: 192.168.226.2

  DNS 1: 192.168.1.1

  2 & 3 DNS: 0.0.0.0

  The IP address of the PPTP server: 192.168.226.2

  User name: *.

  Password: *.

  _____________________

  Simple Port Forwarding:

  Name of the external port application port internal protocol for IP address Enabled

  Vuze 49151 49151 times checked 192.168.1.201

  DC 4000 4000 checked two 192.168.1.201

  As you mentioned in your post that your ISP has provided you with a PPTP connection with an IP address: 192.x.x.x. The IP address that is provided by your ISP is in a private beach, and if you try to transfer all the ports on your router, it will not work, as long as your ISP modem is blocking this port. If you need get a public IP address from your ISP.

  As you get Private IP of your ISP, if this connection is called as NAT behind NAT and your Modem behaves like a router.

  So now you have 2 options, get the public IP address from your ISP or change the type of connection.

• The ASA with crossed VPN Port forwarding

  Hello

  I worked on a question for a while and I have managed to track down the issue, but I don't know how to solve the problem.

  I have an ASA 5505 8.4 (7) running with a tunnel for incoming remote users anyconnect vpn. I also want to configure incoming Web server port forwarding.

  The question seems to be traversed rule which stops incoming port forwarding:

  NAT (outside, outside) NETWORK_OBJ_172.16.1.0_28 interface description dynamic source hairpin to natting users vpn on the external interface

  When I disable the port forwarding will work perfectly (according to tracer packet that is).

  I have attached the config to this post. I would appreciate any idea how to get the through VPN and the transfer to the incoming port working.

  The config has been condensed to remove unneed config.

  Thank you

  Hello

  What is the configuration commands, you use to put in place the static PAT (Port Forward)?

  The problem is most likely order of the NAT configurations such as configuring NAT above in the upper part of the NAT configurations.

  Configuring static PAT, that you could use to make it work would be

  the SERVER object network

  host

  service object WWW

  tcp source eq www service

  NAT (server, on the outside) of the interface to the static SERVER 1 source WWW WWW service

  The above assumes the source for the host interface is "Server" and the service that you want to PAT static TCP/80.

  Note that we add the number '1' in the 'nat' command. This will add at the top. The same should be done for any other static PAT you configure you want for these VPN Clients.

  Hope this helps

  -Jouni

• Arbitrary RV220W Port forwarding

  I was able to use the rules of the IPv4 firewall for redirection http from port 80, since it is one of the Services listed, but I do not see how to configure the port forwarding for an arbitrary number of port to port. It was obvious with my older WRV200. Is there a way specify an arbitrary port you would have passed or is the router that is limited to the list of Services in the menu drop-down?

  Thank you

  Brian

  Hi Brian,.

  Thank you for posting. Try the firewall-> access control-> of personalized Services. Create your new service and you will be able to select in the IPv4 firewall rules. It is certainly a big change in our legacy routers. Please let us know if this helps or if you need further assistance.

• port forwarding static pix501

  Hello!

  I really made efforts to make this work, but without success.

  What I'm trying to do is a port forwarding on tcp 4899. I searched forums, read articles and the manual, but it doesn't really work.

  Topology: Pix ISP modem DSL - lan

  Here is the config of my pov, working the 'best '.

  : Saved

  :

  6.3 (1) version PIX

  interface ethernet0 car

  interface ethernet1 100full

  ethernet0 nameif outside security0

  nameif ethernet1 inside the security100

  enable password xxxx

  passwd xxx

  pixfirewall hostname

  domain ciscopix.com

  fixup protocol ftp 21

  fixup protocol h323 h225 1720

  fixup protocol h323 ras 1718-1719

  fixup protocol http 80

  fixup protocol they 389

  fixup protocol rsh 514

  fixup protocol rtsp 554

  fixup protocol sip 5060

  fixup protocol sip udp 5060

  fixup protocol 2000 skinny

  fixup protocol smtp 25

  fixup protocol sqlnet 1521

  names of

  access-list 101 permit tcp any host xx.xx.xx.245 eq 4899

  pager lines 24

  information recording console

  Outside 1500 MTU

  Within 1500 MTU

  IP address outside xx.xx.xx.244 255.255.255.240

  IP address inside 192.168.29.91 255.255.255.0

  alarm action IP verification of information

  alarm action attack IP audit

  PDM logging 100 information

  history of PDM activate

  ARP timeout 14400

  Global 1 xx.xx.xx.245 (outside)

  NAT (inside) 1 0.0.0.0 0.0.0.0 0 0

  static (inside, outside) tcp xx.xx.xx.245 4899 192.168.29.4 4899 netmask 255.255.255.255 0 0

  Access-group 101 in external interface

  Route outside 0.0.0.0 0.0.0.0 xx.xx.xx.241 1

  Timeout xlate 0:05:00

  Timeout conn 01:00 half-closed 0:10:00 udp 0: CPP 02:00 0:10:00 01:00 h225

  H323 timeout 0:05:00 mgcp 0: sip from 05:00 0:30:00 sip_media 0:02:00

  Timeout, uauth 0:05:00 absolute

  GANYMEDE + Protocol Ganymede + AAA-server

  RADIUS Protocol RADIUS AAA server

  AAA-server local LOCAL Protocol

  Enable http server

  http 192.168.29.0 255.255.255.0 inside

  No snmp server location

  No snmp Server contact

  SNMP-Server Community public

  No trap to activate snmp Server

  enable floodguard

  Telnet timeout 5

  SSH timeout 5

  Console timeout 0

  dhcpd address 192.168.29.92 - 192.168.29.123 inside

  dhcpd lease 3600

  dhcpd ping_timeout 750

  dhcpd outside auto_config

  Terminal width 80

  Cryptochecksum:xxxx

  : end

  Here's a log of what happens when I try to establish a connection.

  609001: built internal local host: 192.168.29.4

  305011: built a static TCP translation of inside:192.168.29.4/4899 to outside:xx.xx.xx.245/4899

  302013: built of TCP connections incoming 582 for outside:yy.yy.yy.51/3289 (yy.yy.yy.51/3289) at inside:192.168.29.4/4899 (xx.xx.xx.245/4899)

  302014: disassembly of the TCP connection 582 for outside:yy.yy.yy.51/3289 to inside:192.168.29.4/4899 duration 0:02:01 bytes 0 SYN Timeout

  305012: static translation TCP disassembly of inside:192.168.29.4/4899 to outside:xx.xx.xx.245/4899 duration 0:02:15

  And IMO it looks as it should? But there is no data flow.

  Thank you! Peter

  Are you sure that the service is running on 192.168.29.4? "bytes 0 SYN Timeout"reveals as no response was sent from inside.

  After you add the static statement, did you make a clear xlate or restart the pix to reset the table of translation slot? (clear xlate is preferred, but naturally a reboot will be wipe off the table)

• Cisco 881 Port forwarding

  Hello

  I'm trying for our DB setup port forwarding server.

  Transfer out to 172.16.10.100 for port 1433 is necessary.

  We use Cisco 881 TPG EFM and currently running config like below.

  Our public IP is x.x.x.x and DB 172.16.10.100 server.

  Internet works fine but port 1433 is no transfer to the server from the outside and I am not able to RDP to the server also gives access to.

  Please correct the settings for me.

  ROUTER1 hostname
  !
  boot-start-marker
  boot-end-marker
  !
  !
  enable secret 5 $1$ IRTA$ bgFgMkdStoAKC2Xh3cwD01
  activate the ROUTER1 password
  !
  No aaa new-model
  iomem 10 memory size
  !
   
  !
  DHCP excluded-address IP 172.16.10.1
  DHCP excluded-address IP 10.10.10.1
  DHCP excluded-address IP 172.16.10.100
  DHCP excluded-address IP 172.16.10.101
  !
  IP NET-POOL dhcp pool
  import all
  network 172.16.10.0 255.255.255.0
  router by default - 172.16.10.1
  203.12.160.36 DNS server
  lease 9
  !
  !
  !
  no ip domain search
  IP domain name router1.local
  name of the IP-server 203.12.160.35
  name of the IP-server 203.12.160.36
  IP cef
  No ipv6 cef
  !
  !
  license udi pid CISCO881-K9 sn FGL1821243Q
  !
  !
  username admin privilege 15 secret 5 2wf23sdas
  !
   
  !
  property intellectual ssh time 60
  property intellectual ssh sshkeys name of the rsa key pair
  property intellectual ssh version 2
  property intellectual ssh pubkey-string
  username admin
   
  !
  interface FastEthernet0
  no ip address
  !
  interface FastEthernet1
  no ip address
  !
  interface FastEthernet2
  no ip address
  !
  interface FastEthernet3
  no ip address
  !
  interface FastEthernet4
  no ip address
  penetration of the IP stream
  automatic duplex
  automatic speed
  PPPoE enable global group
  PPPoE-client dial-pool-number 1
  !
  interface Vlan1
  Description $ETH_LAN$
  address 172.16.10.1 IP 255.255.255.0
  IP nat inside
  IP virtual-reassembly in
  IP tcp adjust-mss 1452
  !
  interface Dialer0
  no ip address
  No cdp enable
  !
  interface Dialer1
  MTU 1492
  IP ddns update DDNS
  the negotiated IP address
  NAT outside IP
  IP virtual-reassembly in
  encapsulation ppp
  IP tcp adjust-mss 1436
  Dialer pool 1
  PPP chap hostname [email protected] / * /
  PPP chap password 0 xxxxxx
  PPP pap sent-username [email protected] / * / password 0 xxxxxx
  No cdp enable
  !
  IP forward-Protocol ND
  IP http server
  23 class IP http access
  local IP http authentication
  IP http secure server
  IP http timeout policy slowed down 60 life 86400 request 10000
  !
  overload of IP nat inside source list ACL_NAT_ALLOW interface Dialer1
  IP nat inside source static tcp 172.16.10.100 3389 3389 Dialer1 interface
  IP nat inside source static tcp 172.16.10.100 Dialer1 1433 1433 interface
  IP route 0.0.0.0 0.0.0.0 Dialer1
  !
  ACL_NAT_ALLOW extended IP access list
  allow an ip
  permit tcp any any eq 1433
  permit tcp any any eq 3389
  allow a full tcp
  IP 172.16.10.0 allow 0.0.0.255 any
  permit tcp any any eq www
  allow any host 172.16.10.100 eq 1433 tcp
  allow accord any host 172.16.10.100
  ACL_OUTSIDE-to-INSIDE extended IP access list
  permit tcp any any eq 22
  permit any any eq 443 tcp
  permit any any icmp echo
  permit any any icmp echo response
  ICMP all all ttl-exceeded allow it
  allow all all unreachable icmp
  allow udp any any eq isakmp
  permit any any eq non500-isakmp udp
  allow an esp
  permit tcp any any eq telnet
  permit tcp any any eq 3389
  allow a full tcp
  allow a udp
  permit tcp any any eq 1433
  !
  access-list 1 permit 0.0.0.0 255.255.255.0
  access-list 1 permit 172.16.10.0 0.0.0.255
  access-list 1 permit one
  access-list 23 allow 10.10.10.0 0.0.0.7
  access-list 55 allow 203.12.160.5
  access-list 55 allow 172.29.0.3
  access-list 55 allow 172.29.0.4
  access-list 55 allow 172.29.0.10
  not run cdp
  !
  tpgframe SNMP - Server RO 55 community
  Enable SNMP-Server intercepts ATS
   
   
   
   
   

  I don't see anything wrong with NAT redirection in this configuration. What happens when you try what follows from the CLI of the router?

   telnet 172.16.10.100 1433 /source-interface Dialer1 telnet 172.16.10.100 3389 /source-interface Dialer1 telnet 172.16.10.100 1433 telnet 172.16.10.100 3389

• port forwarding TCP on pix 501

  can you tell me how to port forward or open tcp 21 and 1024-2774 for the end user of a backup system remotely via the pix Manager or regular here is a copy of my config thanks my apologies if this is a little wave building configuration...

  : Saved

  :

  6.2 (2) version PIX

  ethernet0 nameif outside security0

  nameif ethernet1 inside the security100

  activate the password

  pixfirewall hostname

  domain ciscopix.com

  fixup protocol ftp 21

  fixup protocol http 80

  fixup protocol h323 h225 1720

  fixup protocol h323 ras 1718-1719

  fixup protocol they 389

  fixup protocol rsh 514

  fixup protocol rtsp 554

  fixup protocol smtp 25

  fixup protocol sqlnet 1521

  fixup protocol sip 5060

  fixup protocol 2000 skinny

  names of

  list of access allow-permit tcp any any eq www

  access list permits allow tcp everything any https eq

  list of access allow-permit udp any any eq isakmp

  list of access allow-permit udp any any eq field

  list of access allow-permit tcp any any eq telnet

  list of access allow-permit tcp any any eq ftp

  access list permit to allow icmp a whole

  access list allow allow an entire esp

  list of access allow-permit tcp any any eq ssh

  list of access allow-permit tcp any any eq - ica citrix

  list of access allow-permit tcp any any eq pop3

  list of access allow-permit tcp any any eq smtp

  list of access allow-permit tcp any any eq aol

  access list, allow-in allow an entire esp

  access list allow component snap permit udp any any eq isakmp

  access list, allow-in allow icmp a whole

  access list allow component snap permit tcp any any eq ssh

  pager lines 24

  interface ethernet0 10baset

  interface ethernet1 10full

  Outside 1500 MTU

  Within 1500 MTU

  IP address outside x.x.x.226 255.255.255.240

  IP address inside 192.168.1.1 255.255.255.0

  alarm action IP verification of information

  alarm action attack IP audit

  location of PDM 192.168.1.3 255.255.255.255 inside

  location of PDM 192.168.1.5 255.255.255.255 inside

  location of PDM 192.168.1.6 255.255.255.255 inside

  location of PDM 192.168.1.7 255.255.255.255 inside

  location of PDM 192.168.1.8 255.255.255.255 inside

  location of PDM 192.168.1.9 255.255.255.255 inside

  PDM location x.x.x.88 255.255.255.255 outside

  location of PDM 192.168.1.10 255.255.255.255 inside

  location of PDM 192.168.1.11 255.255.255.255 inside

  PDM logging 100 information

  history of PDM activate

  ARP timeout 14400

  Global 1 interface (outside)

  NAT (inside) 1 0.0.0.0 0.0.0.0 0 0

  public static x.x.x.227 (Interior, exterior) 192.168.1.9 netmask

  255.255.255.255 0 0

  public static x.x.x.228 (Interior, exterior) 192.168.1.8 netmask

  255.255.255.255 0 0

  public static x.x.x.229 (Interior, exterior) 192.168.1.3 netmask

  255.255.255.255 0 0

  public static x.x.x.230 (Interior, exterior) 192.168.1.5 mask

  255.255.255.255 0 0

  public static x.x.x.231 (Interior, exterior) 192.168.1.7 netmask

  255.255.255.255 0 0

  public static x.x.x.232 (Interior, exterior) 192.168.1.6 netmask

  255.255.255.255 0 0

  Access - allows to group in the interface outside

  allow-out access-group in the interface inside

  Route outside 0.0.0.0 0.0.0.0 216.215.244.225 1

  Timeout xlate 0:05:00

  Timeout conn 0 half-closed 01:00:10: 00 udp 0: CPP 02:00 0:10:00 h323

  0:05:00 sip 0:30:00 sip_media 0:02:00

  Timeout, uauth 0:05:00 absolute

  GANYMEDE + Protocol Ganymede + AAA-server

  RADIUS Protocol RADIUS AAA server

  AAA-server local LOCAL Protocol

  Enable http server

  http 192.168.1.0 255.255.255.0 inside

  No snmp server location

  No snmp Server contact

  SNMP-Server Community public

  No trap to activate snmp Server

  enable floodguard

  Permitted connection ipsec sysopt

  No sysopt route dnat

  Telnet 192.168.1.0 255.255.255.0 inside

  Telnet timeout 5

  SSH timeout 5

  dhcpd address 192.168.1.2 - 192.168.1.33 inside

  dhcpd dns 64.89.70.2 64.89.74.2

  dhcpd lease 2000000

  dhcpd ping_timeout 750

  dhcpd outside auto_config

  dhcpd allow inside

  Terminal width 80

  Cryptochecksum:XXXXX

  : end

  [OK]

  Hello

  Port forwarding is different to allow ports through the firewall. I guess you meant allow tcp/21 and 21 1024-2774, right port?

  You need the following lines

  access list allow component snap permit tcp any any eq ftp

  access list allow component snap allowed tcp everything any 1024 2774 Beach

  You can be more specific and can replace "any" with the actual IP addresses

  Thank you

  Nadeem