u must open FTP port on ur router
go to router ip
and add FTP port 21 TCP
Hello guys ,
I want to build FTP site behind my cisco router could you pls. advice me about the best method to do that and be note the following :
1 ) I have free public IP lets say 10.1.1.1
2) the FTP server has this private IP on the LAN 192.168.1.2
3 ) I want the outside user to access the FTP site using this URL
thnx in advance to all
ya man i know that but the question how i will do that, my propsal to write ACL like this
ip access-list extended INBOUND
permit tcp any 10.1.1.1 eq 21
this ACL will applied as inbound in the outside router interface
but what about NATing i think we need to connect the private IP with Public IP, I need the commands to do that ?
and what info i have to give to ISP
i have to explain something extra
the server that host the FTP site is hosting ISA and in the router configuration i have NAT statement
to link another public IP ( i.e 10.1.1.2 ) with 192.168.1.2
So i need another NAT statement to link the same private IP 192.168.1.2 to another public IP 10.1.1.1 but based on port 21 to distinguish it from the previous statement ??
i am speaking about Cisco router 2600 series
click on the Start button, and then click Run. This will bring up a Run program box. In the textbox in that window type Command or Cmd depending upon which version of windows you are running. Then click the Ok button. A black msdos prompt window should be open in front of you. Type telnet 188.8.131.52 (ROUER IP) , and then press the enter key on your keyboard. Type en at the prompt. You should prompted for your password. Enter your password now. By default the password is blank.
The following will give you a couple examples of the commands you can type to setup port forwarding in your router.
Forward port FTP 21 tcp traffic from the current outside ip address.
set nat entry add 10.0.0.2 (UR IP) 21 tcp
Forward port 2000-3000 tcp traffic from the current outside ip address. The 0.0.0.0 is use when you are not on a static external ip. set nat entry add (UR IP) 2000-3000 0.0.0.0 2000-3000 tcp
Change the tcp portion to udp to forward udp traffic. set nat entry add 10.0.0.2 (UR IP) 21 udp set nat entry add (UR IP) 2000-3000 0.0.0.0 2000-3000 udp
Type write at the prompt. Type reboot at the prompt.
10.0.0.1 = Router IP
10.0.0.2 = UR Router
are you mean this NATing command :
ip nat inside destination static tcp 10.1.1.1 ( public ip) 21 192.168.1.2 ( private ip) 21 ??
what you mean by UR Router?
The command have to be apply like this
ip nat inside source static tcp PRIVATE_IP 21 PUBLIC_IP 21 extendable
thnx a lot for ur great help