The Cisco 675 will do PAT, port address translation as will as NAT, network address translation. You want to do a set nat entry add on the 675 to open a port on the DHCP address WAN port that will be forwarded to a computer IP address and port. The full command you want to use is command is set nat entry add inside_ipaddress port. The inside_ipaddress is the computer's IP address port is the port you wish opened. The full command for port fowarding is set nat entry add inside_ipaddress port outside_ipaddress port protocol. By leaving the outside address unspecified, the Cisco 675 will open a port on any address you recieve. If you specify the address then it will break if you are assigned a new one. Now, to assign a name to your box I would suggest. wwdhs.org. Sign up for a dyn.dhs.org host and then apply the DHCP address that the Cicso 675 has on it's wan0-0 port. Use the command sh nat on the Cisco to get the address. cbos#sh nat NAT is currently enabled Inside Global Address set to 216.160.111.159 Inside Local Inside Global Timer Flags Protocol 10.0.0.30: 222 216.160.111.159: 222 0 0x2041 *** 10.0.0.10: 25 216.160.111.159: 25 0 0x2041 *** 10.0.0.10: 22 216.160.111.159: 22 0 0x2041 *** You can see that I have two computers. I have PAT pointing connections for ssh and SMTP and 222, which is ssh running on the second host. You can only point one port to one computer, so to ssh in the second computer required another port to be opened. I used 222 because it is easy for me to remember. There where a few times that I wanted access to my computers when away where service had been interrupted and I recieved a new DHCP address. Of course being away from the systems I had no way of know the address assigned and so myhost.dyn.dhs.org was not pointing to my machine. To fix this I used a script and setup the Cicso 675 to log its syslog to one of my machines. The cisco commands aare cbos#set syslog SET SYSLOG requires one of the following arguments disabled Turn off Syslog enabled Turn on Syslog port Set Syslog Port Number remote Set Remote IP Address test Test Syslog server So enable it and use set syslog remote ipaddress to point the logging to your computer. Using yast, it is very easy to setup syslog to accept traffic from other host. System Administration/Change configuration/ look for SYSLOGD_PARAMS and add -r to the options. Now do as root /sbin/init.d/syslog restart, and then on the cisco use the command cbos#set syslog test HELLO, this is cool. to test that is works by using as root, the command, grep HELLO, /var/log/messages So now every time the cisco picks up a new address it will log this fact to the syslog daemon on your computer. The script will search for the ip address logged and if it does not match the current DNS setting at dhs.org it will change them to match. Now set up the attached file with the appropraite settings and set up a cron job as root to run it every hour or so. It has to be root because only root has access to /var/log/messages. This will test the current DNS settings of your dyn.dhs.org host on the dhs.org DNS server, if the current ip address of the cisco matches, then logger logs this fact to syslog. If the ipaddress isn't the same, the script updates your settings and logs if it was successful or not. #!/bin/sh # # # # ######################################## # Set these variables to your DHS Info # ######################################## LOGIN="" # your username PASSWORD="" # your password HOSTNAME="" # your hostname DHSDOMAIN="dyn.dhs.org" # your dynamic DHS domain ( dyn.dhs.org, 2y.net ) ATHome will not work with this script MAILHOST="" # where you want mail to this host delivered to LOGFILE="/var/log/messages" # your syslog file OFFLINE_URL="" # offline url if your want to redirect CLOAK="" # Y / N ( yes or no ) CLOAK_TITLE="" # I'm off line at the moment, will be back REAL SOON NOW ######################################################### # You shouldn't have to modify anything below this line # ######################################################### DATE=`date +%b" "%e` IPADDRESS="`grep "$DATE" "$LOGFILE" |grep IPCP | tail -n1 | cut -d " " -f26 | cut -d "^" -f1`" DHS="http://members.dhs.org/nic/hosts?hostscmd=edit&hostscmdstage=2&typ e=4&submit=Update&updatetype=Online&domain=$DHSDOMAIN&hostname=$HOSTNAM E&ip=$IPADDRESS&mx=$MAILHOST&offline_url=$OFFLINE_URL&cloak=$CLOAK&cloa k_title=$CLOAK_TITLE" if test "`nslookup $HOSTNAME.$DHSDOMAIN wombat.dhs.org | tail -n2 | grep Address:| cut -d " " -f3`" = "$IPADDRESS" ; then logger "IP `echo "$IPADDRESS"` is still mapped to `echo "$HOSTNAME.$DHSDOMAIN"` `date +%D" @ "%l:%M%p`" ; else lynx -dump -auth=$LOGIN:$PASSWORD $DHS sleep 30 if test "`nslookup $HOSTNAME.$DHSDOMAIN wombat.dhs.org | tail -n2 | grep Address:| cut -d " " -f3`" = "$IPADDRESS" ; then logger "IP `echo "$IPADDRESS"` is now mapped to `echo "$HOSTNAME.$DHSDOMAIN"` `date +%D" @ "%l:%M%p`" ; else logger "Unrecognized response updating ip record! `date +%D" @ "%l:%M%p`" fi fi exit Thank you Russell
I get service through USWest and I believe that I have a Cisco 675 DSL modem. I'm interested in what you develop for a setup on this...
Thanks, Ryan