[lug] Cisco 675 router

Wed Jun 7 12:37:29 MDT 2000

What you want is reverse port mapping in the Cisco's NAT.

enable the router then type:
set nat entry add inside_ip port protocol  
ex:

set nat entry add 10.0.0.10 80 tcp

would get you web access into the machine that has the 10.0.0.10 private address.

Cisco's NAT also allows you to restrict which public IP address the incoming request comes from :

set nat entry add 10.0.0.10 80 tcp 199.199.253.199 10000

This would make all requests to the 199.199.253.199:10000 address go to your private 10.0.0.10 machine on port 80.  This assumes that your assigned public IP address is 199.199.253.199.  When you're using dynamic IP's this isn't the best way to go because you have to remap your NAT entries every time your router reboots.

Cisco's web site has great documentation on these features downloadable in PDF form or browsable on the web.  Search on their site for "CBOS" which is Cisco Broadband Operating System.

To solve your other problem,  you could write a shell script that telnets into your Cisco 675 and then looks for the public ip address of your machine.  After receiving this address you could email it or post it to a web page.  I'm not a shell scripting expert, but it should look something like this:

telnet into cisco
send command to get IP address of public side (show interface wan0 might do this)
cut out this IP address
end telnet session
post IP to a HTML file or mail

I solve this problem by emailing myself every morning if I'm going to need my IP address then looking at the headers of the email.  If someone does end up writing this shell script, I'd love to see it.

Hope that was useful.

Brian Ketelsen
http://www.coloradogeeks.com

  ----- Original Message ----- 
  From: Andrew Reberry 
  To: lug at lug.boulder.co.us 
  Sent: Wednesday, June 07, 2000 11:53 AM
  Subject: [lug] Cisco 675 router

  Hey all, I have a machine which is connected to the Internet through a Cisco 675 router.  The router is connected to USWest.net, and they are providing me with a dynamic IP address..  Long story, but static IP addressing is not probable in this situation.

  I need to get access to this machine when away from home, but I have two problems with doing so:

  1) I have no idea how to get through this router.
  2) The dynamic IP address

  Problem 1:

  Does anyone have any idea how to bypass the cisco router?  I can log in to the router when I know the IP address.  However, I cant figure out how to get from the router to my system at all.   The router is connected directly to a network card attached to the SuSE machine.  I have read the whole manual covering the Cisco 675, but it didn't give me any hints on how I would bypass the system.  USWest is not helpful here and has no idea how I would go about getting this done.

  The network card I'm using gets an ip address using DHCP.  This address is set by the cisco router I believe, and not USWest.  So to get to my machine, in theory, I would have to telnet into the router, and then telnet into the machine.  However, telneting from the router does not seem possible.

  Problem 2:

  When away from home I will not know what the dynamic IP address is.  Could I write a program that would send me an email every day telling me what static IP address my computer currently has.  Or have this program post the IP address to another server which is connected to the Internet?  Say to my homepage or something else?  If this is a viable solution, what sort of program would I want to write?  A shell script?  C++ program?

  One other thing which makes this hard is the fact that when I run 'ifconfig' I get the DHCP address of the network card.  To find out what IP address the world sees me at I usually go to the following URL where it tells me so.  http://www.simflex.com/scripts/ip.exe.  This means I would have to get my IP address from somewhere outside my system before I send it to myself.

  Any suggestions and or solutions always welcome.  I know doing this is a bit problematic, but am trying to figure it out anyway.

  Andrew Reberry
  reberrya at colorado.edu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20000607/801b9ef5/attachment.html>