Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1071
Views
0
Helpful
4
Replies

NAT from outside source to an internal server

Go to solution
Keith Brugnani
Level 1
Level 1

‎03-03-2014 06:37 AM - edited ‎03-11-2019 08:52 PM

I have been working on this for months and I am still not able to get this working correctly. What I am trying to accomplish is to allow Usablenet to connect to our staging web server from the internet with an IP range for Usablenet.

The odd thing is this does not seem to be correct

object network web_staging_net

nat (web_staging,outside) dynamic interface

nat (web_staging,outside) source static obj-10.x.x.197 obj-209.x.x.97 destination static Useablenet Useablenet!

ACL

access-list outside_in extended permit tcp object-group Useablenet host 10.x.x.197 eq www

Any help will be greatly appreciated.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jj27
Spotlight

‎03-03-2014 07:08 AM

What is the configuration of the object web_staging_net? Is it a subnet or single host?

I would recommend creating a separate host entry for 10.x.x.197 and removing the static NAT entry from the other object.

Something like this:

object network web_10.x.x.197

host 10.x.x.197

nat (web_staging,outside) static obj-209.x.x.97

View solution in original post

0 Helpful
4 Replies 4

Go to solution
jj27
Spotlight

‎03-03-2014 07:08 AM

What is the configuration of the object web_staging_net? Is it a subnet or single host?

I would recommend creating a separate host entry for 10.x.x.197 and removing the static NAT entry from the other object.

Something like this:

object network web_10.x.x.197

host 10.x.x.197

nat (web_staging,outside) static obj-209.x.x.97

0 Helpful

Go to solution
Keith Brugnani
Level 1
Level 1
In response to jj27

‎03-06-2014 04:48 AM

It is a single host and web_staging is a network object group and I am just trying to create a one to one relationship.

For example

useablenet connects through 209.x.x.97 that translates to 10.x.x.97 and only allowing usablenet to connect

0 Helpful

Go to solution
jj27
Spotlight
In response to Keith Brugnani

‎03-06-2014 06:08 AM

Please post the current output of:

show run object

show run object-group

show run nat

0 Helpful

Go to solution
Keith Brugnani
Level 1
Level 1

‎03-06-2014 12:13 PM

This has been resolved, it was simply a routing issue where the 209.x.x.97 was not routable.

0 Helpful
Review Cisco Networking for a $25 gift card
Top