I had a couple of issues getting DynDNS working on a Cisco router. The first issue was: how do I type a question mark within an IOS configuration command? Normally, when you type ? IOS responds with its command help. This is obviously a problem when you’re trying to enter a URL that contains a question mark. The fix, hit Control-v before typing the question mark. Just like Unix.
The second issue I had was with the router not registering with DynDns. Specifying debug ip ddns update showed the following:
Dec 6 10:03:00.988: HTTPDNSUPD: Sending request
Dec 6 10:03:20.996: HTTPDNSUPD: Call returned Connection time out, update of yourhost.dyndns.net <=> 123.123.123.123 failedIt turns out the second issue was with CBAC. I had to add an inspect entry to my router configuration:
ip inspect name CBAC-OUT tcp router-traffic
The relevant parts of my configuration are below:
ip inspect name CBAC-OUT tcp router-traffic
ip ddns update method DYNDNS
HTTP
add http://username:password@members.dyndns.org/nic/update?system=dyndns&hostname=<h>&myip=<a>
interval maximum 28 0 0 0
interval minimum 28 0 0 0
interface Dialer0
ip ddns update hostname putyourdnsnamehere
ip ddns update DYNDNS host members.dyndns.org
ip address negotiated
ip access-group DIALER0_IN-3 in
ip inspect CBAC-OUT out
ip access-list extended DIALER0_IN-3
permit icmp any any echo-reply
permit icmp any any ttl-exceeded
permit icmp any any time-exceeded
permit icmp any any packet-too-big
deny  ip any anyThanks to this thread at Whirlpool for helping me resolve this problem. For more on the ip inspect tcp router-traffic see Inspect router-generated traffic and it’s update Update: Inspect router-generated traffic. For information on CBAC try the following links:
http://www.ciscopress.com/articles/article.asp?p=26533
http://www.dslreports.com/faq/13435
http://www.cisco-tips.com/how-to-configure-cisco-router-with-ios-firewall-functionality-%E2%80%93-cbac/
http://articles.techrepublic.com.com/5100-10878_11-1057051.html
Post a Comment