Register

Forgot Password

Site FAQ

Home > IT Answers > Networking > NAT port Fowarding in packet tracer

Bitbytetw

35 pts.

NAT port Fowarding in packet tracer

Cisco, NAT, Networking, Packet Tracer 5.0

hay, me and my friend were trying to do some real world networking by having a small computer network contact the internet via a isp in packet tracer but when the dns packets come to the isp router the packets are dropped because there is no service running on the listening port. but this is bull because of the portforwarding in place. here is the show run can any one suggest why the portforwarding is being dropped: Building configuration... Current configuration : 1138 bytes ! version 12.2 no service timestamps log datetime msec no service timestamps debug datetime msec service password-encryption ! hostname ISP ! ! ! enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1 enable password 7 0822455D0A16 ! ! ! ! ! ! ! ! ! ! no ip domain-lookup ! ! ! ! ! ! interface FastEthernet0/0 ip address 195.10.10.1 255.255.255.0 ip nat inside duplex auto speed auto ! interface FastEthernet0/1 no ip address duplex auto speed auto shutdown ! interface Serial0/0 ip address 200.20.10.1 255.255.255.0 ip nat outside clock rate 64000 ! interface Serial0/1 no ip address clock rate 64000 ! router eigrp 1 network 200.20.10.0 auto-summary ! ip nat inside source list 1 interface Serial0/0 overload ip nat outside source static tcp 200.20.10.1 80 195.10.10.5 80 ip nat outside source static udp 200.20.10.1 53 195.10.10.5 53 ip nat outside source static tcp 200.20.10.1 53 195.10.10.5 53 ip nat outside source static udp 200.20.10.1 80 195.10.10.5 80 ip classless ! ! ! banner motd ^C This is the ISP ^C ! ! ! ! line con 0 password 7 082243401A160912 login line vty 0 4 password 7 08354942071C11 login ! ! ! end

Software/Hardware used:
Packet Tracer 5.3.2.0027

ASKED: October 25, 2011 3:15 PM

UPDATED: November 1, 2011 6:18 PM

RELATED QUESTIONS

Answer Wiki:

Your answer is kind of in your question: " dns packets come to the isp router the packets are dropped because there is no service running on the listening port " Port forwarding FROM your router TO the ISP is outgoing or "talking", whereas the ISP side is recieving or "listening" for those DNS requests IF you dont have a server to provides that service at the ISP, then what you stated in your question is exactly what will happen. All the router can do is forward the requests to the ISP, but if the ISP cannot either process (DNS look-up) or forward (DNS relay) those requests, as you found, they go nowhere... Add a DNS server at the ISP that is running the DNS service, and make that ISP DNS server the primary DNS of the outgoing traffice from your router, and let us know how that works for you...

Last Wiki Answer Submitted: October 28, 2011 7:23 pm by Sixball

8,500 pts.

All Answer Wiki Contributors: Sixball

8,500 pts.

To see all answers submitted to the Answer Wiki: View Answer History.

RSS - Discussions Help

Discuss This Question:

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

POSTED: Oct 29, 2011 3:38 PM (GMT)

well you see that’s the problem, this ISP router is connected to a dns server through a 2950-24. its all networked up and working and the dns server can ping all the way to the 3rd router in my packet tracer model. but as soon as i send dns traffic it’s dropped ? if you would like i can try upload my packet trace model.

but as you can see in the show run, the port forwards are directing traffic to the dns server at 195.10.10.5. when i go into the packet analysis it goes to layer 4 searches for a service running finds no service running on the ports when there clearly is with the rules ive made and drops the packet.

Bitbytetw

35 pts.

POSTED: Oct 29, 2011 4:09 PM (GMT)

also here is a link to download the .pkt file if you wish to take a look at the network first hand

Bitbytetw

35 pts.

POSTED: Nov 1, 2011 6:18 PM (GMT)

A list of really quick issues with the PKT you provided:

- Both Servers have the exact same IP address
– “Internet” server: 195.10.10.5 /24, gw 195.10.10.1
– “Data” server: 195.10.10.5 /24, gw [u]195.10.1.1[/u]

- The gateway of “Data” server is 195.10.1.1, which is Fa0/1 on “Router1″, which is in a “down” state (the only cable from Switch3 goes into Fa0/0 on Router1)

- Fa0/0.10 on Router 1 AND Fa0/0 on “ISP” router have the exact same IP address
– Fa0/0.10 (Router1) = 195.10.10.1 /24
– Fa0/0 (ISP) = 195.10.10.1 /24

- The “Internet” server does not have a DNS server configured (not even to itself)

- On the “Internet” server, the ONLY DNS entry – “A Record” for http://www.isp.com – points to 200.10.10.1 – which is Interface Serial0/0 on the 2620XM “Internet Router”

- Pings from “Internet” server to PC4 (195.10.20.22) give “Destination host unreachable”

- Pings most likely failed due to routing configuration issues. In your original post, you have the following from the ISP router:
router eigrp 1
network 200.20.10.0
–> (Missing network of Interface Fa0/0) <–
auto-summary
[b]( interface FastEthernet0/0, ip address 195.10.10.1 255.255.255.0 )[/b]

Just on a 30-minute once-over, seems you have a few more design issues besides forwarding of DNS to your servers…

Sixball

8,500 pts.

Ask a Question

Browse IT Answers by Topic

>>VIEW ALL TAGS

Community Blog | About Us | Contact Us | FAQ | Terms of Use | DMCA Policy

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organization's IT projects - with its network of technology-specific Web sites, events and magazines.
All Rights Reserved, Copyright 1999-2013, TechTarget | Read our Privacy Policy
Questions and Answers Index 1 | Questions and Answers Index 2 | IT Topics Index 1 | IT Topics Index 2 | Blogs Index | Blogs Tags