10-09-2023 02:57 PM
I am currently learning about NAT using Cisco Packet Tracer. I have set up a web server named www.isp.com with the IP address 209.165.100.12. I configured NAT on the ISP router and also set up static port forwarding using the following command:
ip nat inside source static tcp 209.165.100.12 80 209.165.110.3 8080
interface Gig0/1
ip nat inside
exit
interface Serial0/0/0
ip nat outside
exit
When I access the local IP in my web browser (209.165.100.12) from the DNS server 209.165.100.11, the website is displayed without any issues. However, when I try to access the website using the public IP (209.165.110.3), I receive a Request Timeout error.
I have tested it from various clients within my Packet Tracer environment. I have uploaded the Packet Tracer file and my configuration commands directly. Can someone please explain where my mistake might be?
Paket Tracer File: https://easyupload.io/w9svqs
Here the running-config of the ISP Router:
ISP#show running-config
Building configuration...
Current configuration : 1145 bytes
!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname ISP
!
!
!
!
!
!
!
!
no ip cef
ipv6 unicast-routing
!
no ipv6 cef
!
!
!
!
license udi pid CISCO1941/K9 sn FTX15242AUZ-
!
!
!
!
!
!
!
!
!
!
!
spanning-tree mode pvst
!
!
!
!
!
!
interface GigabitEthernet0/0
no ip address
duplex auto
speed auto
shutdown
!
interface GigabitEthernet0/1
ip address 209.165.100.1 255.255.255.0
ip nat inside
duplex auto
speed auto
ipv6 address 2001:DB8:AB:1::1/64
!
interface Serial0/0/0
ip address 209.165.110.1 255.255.255.248
ip nat outside
ipv6 address 2001:DB8:AB:AB00::1/64
clock rate 2000000
!
interface Serial0/0/1
no ip address
clock rate 2000000
shutdown
!
interface Vlan1
no ip address
shutdown
!
ip nat inside source list 1 interface Serial0/0/0 overload
ip nat inside source static tcp 209.165.100.12 80 209.165.110.3 8080
ip nat inside source static udp 209.165.100.11 53 209.165.110.4 53
ip classless
!
ip flow-export version 9
!
!
access-list 1 permit 209.165.100.0 0.0.0.255
!
!
!
!
!
line con 0
!
line aux 0
!
line vty 0 4
login
!
!
!
end
10-09-2023 11:06 PM
Why it not work?
How you check ?
10-10-2023 12:20 AM - edited 10-10-2023 01:43 AM
Hello,
I have verified this using a web browser (please refer to the screenshot). Additionally, I attempted to create a complex PDU using HTTP, but all my attempts were unsuccessful.
If I configure a static route on R1 (ip route 0.0.0.0 0.0.0.0 192.168.2.1), the connection appears to function properly from the admin computer. However, I'm curious why setting up the default route is necessary? Additionally, I'm puzzled as to why it doesn't work from the DNS server?
10-10-2023 12:26 AM
Remove server and add it again and check.
This PKT and there are many bug
10-10-2023 01:44 AM
Hello
Thank you. I tried but it didn't seem to work. If I configure a static route on R1 (ip route 0.0.0.0 0.0.0.0 192.168.2.1), the connection appears to function properly from the admin computer. However, I'm curious why setting up the default route is necessary? Additionally, I'm puzzled as to why it doesn't work from the DNS server?
10-10-2023 12:12 AM
as per the diagram, i think you have routing issue here,
you have attached some config, which is not clear , what routing in place
can you try from ISP router are you able to ping 209.165.100.12
i see in the config you have many NAT in the routers, if that is case where is the web server configured (i see ww.isp.ch) - dont see www.isp.com on the diagram. ISP router which side inside and outside ?
10-10-2023 12:26 AM - edited 10-10-2023 01:43 AM
Hello,
Thank you very much for your response. I've successfully pinged the web server from the ISP (which is actually www.isp.ch
However, I should clarify that the ping for 209.165.110.3 isn't working because it only responds to HTTP requests (ip nat inside source static tcp 209.165.100.12 80 209.165.110.3 8080). If I attempt to access the website from the DNS server using the local IP, it works fine:
But when I try to access it via the IP 209.165.110.3, it doesn't work:
If I configure a static route on R1 (ip route 0.0.0.0 0.0.0.0 192.168.2.1), the connection appears to function properly from the admin computer. However, I'm curious why setting up the default route is necessary? Additionally, I'm puzzled as to why it doesn't work from the DNS server?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide