无法访问思科路由器中的转发端口

tag-icon tag-icon networking cisco port-forwarding
无法访问思科路由器中的转发端口

以下是我的路由器配置。我有一个静态公共 IP,仅供参考。

hostname R1

boot-start-marker
boot-end-marker

enable secret 4 GKuIQycLGFn/1VtTta/OeXqUIqQROubxT/D40OGFs0c

no aaa new-model

ip cef

ip dhcp excluded-address 192.168.0.1 192.168.0.100
ip dhcp excluded-address 192.168.3.1

ip dhcp pool HOME
 network 192.168.0.0 255.255.255.0
 default-router 192.168.0.1
 dns-server 1.1.1.1 1.0.0.1

ip dhcp pool WIN
 host 192.168.0.22 255.255.255.0
 client-identifier 01d4.3d7e.18d9.ce

ip dhcp pool PC
 host 192.168.0.247 255.255.255.0
 client-identifier 0108.0027.3bd7.70

ip dhcp pool Solar
 host 192.168.0.253 255.255.255.0
 client-identifier 01c8.9346.3250.e8

ip dhcp pool Tank-Level
 host 192.168.0.243 255.255.255.0
 client-identifier 018c.aab5.8b8e.40

ip dhcp pool PIP
 host 192.168.0.229 255.255.255.0
 client-identifier 01dc.a632.2ce3.8c

ip domain name domain.com
no ipv6 cef

multilink bundle-name authenticated

license udi pid CISCO2921/K9 sn FGL1813118M

username admin privilege 15 secret 4 GRTVBsdfv/1VtTta/OeXqUIqQROubxT/D40OGFs0c

redundancy

ip ssh version 2

interface Embedded-Service-Engine0/0
 no ip address
 shutdown

interface GigabitEthernet0/0
 description -Ethernet WAN-
 ip address dhcp
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto

interface GigabitEthernet0/1
 ip address 192.168.0.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
 duplex auto
 speed auto

interface GigabitEthernet0/1.1
 encapsulation dot1Q 101
 ip address 192.168.1.1 255.255.255.0
 ip pim dense-mode
 ip nat inside
 ip virtual-reassembly in
 ip cgmp

interface GigabitEthernet0/2
 ip address 192.168.3.1 255.255.255.0
 duplex auto
 speed auto

ip forward-protocol nd

no ip http server
no ip http secure-server

ip dns server
ip nat inside source list IoT interface GigabitEthernet0/2 overload
ip nat inside source list NAT interface GigabitEthernet0/0 overload
ip nat inside source static tcp 192.168.0.222 3389 interface GigabitEthernet0/0 13389
ip nat inside source static udp 192.168.0.222 3389 interface GigabitEthernet0/0 13389
ip route 192.168.2.0 255.255.255.0 192.168.3.2
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0 dhcp

ip access-list standard IoT
 permit 192.168.2.0 0.0.0.255
ip access-list standard NAT
 permit 192.168.0.0 0.0.0.255

control-plane

line con 0
 logging synchronous
 login local
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
 stopbits 1
line vty 0 4
 exec-timeout 5 0
 login local
 transport input ssh

scheduler allocate 20000 1000

end

如你所见,我已将公网 IP 上的端口 13389 转发到 .222 上的端口 3389。

https://www.yougetsignal.com/tools/open-ports/显示公共 IP 上的端口 13389 已打开。但我无法使用公共 IP 远程桌面进入我的电脑。它通过本地 IP 工作。

知道发生什么事了吗?

相关内容