Mar 13

Telnet to Router Interface from outside


This post answers the typical question of how to Telnet to Router Interface from outside. Also it details the configuration steps which enables telnet access to router’s outside interface.

I have setup a small lab on GNS3 to give an exact idea of how an internet facing router is typically

configured and how you can modify it to enable access from outside which can be required for remote

support etc.

Typical NAT

NAT Source Mapped IP NAT Destination
Any Interface IP Any


Int lo0
Ip address
nat inside

Int s1/0
Ip address
nat outside

ip nat inside source list inside-nat interface Serial1/0 overload
ip access-list extended inside-nat
permit ip any any

The above configuration is a typical configuration which will NAT anything passing through the router to

outside interface. NAT Interface Overload is used, which uses Interface IP address to hide inside networks

behind it.
Now, if you want to connect to outside interface, it wouldn’t work because the router is configured to NAT

anything leaving outside interface.

We can change the NAT as following to catch only the networks that need NAT.

Specific  Source NAT

NAT Source Mapped IP NAT Destination Int IP – Any

We will do this by changing the ACL which catches traffic to be NATed.

ip access-list extended inside-nat
no  permit ip any any
permit ip any

However, for security reasons you can attach an ACL to outside interface, permitting only specific IP addresses allowed to Telnet to router.

You can download the router configs and GNS3 Lab Topology for yourself to play with from following link


Telnet To Router Outside Interface.jpeg

Leave a Reply

%d bloggers like this: