Solved: NAT solution - Page 2

s-santhosh · ‎08-25-2011

Hi,

We have a server in DMZ network with IP 10.1.1.20

Client VLANs(Local LAN users) are provided access to the 10.1.1.20

This server is also need to access via internet so created a NAT entry - Natted to public IP 192.168.1.20 (Just for understanding)

Now client VLAN users are able to access the server on port 80 using IP 10.1.1.20,but unabe to access to 192.168.1.20.

Is there any solution to have a access to public IP 192.168.1.20 on port 80 from Client VLAN

/San

s-santhosh · ‎08-25-2011

Hi Varun,

At any time I'm only able to apply any one static NAT, below is the error messge while config 2nd static

ERROR: mapped-address conflict with existing static

General_Services:10.1.1.20 to inside:192.168.1.20 netmask 255.255.255.255

So with this single static, below is the xlate output, after clearing the local xlate

Global 192.168.1.20 Local 10.1.1.20

Even when i configure this....I see from Local LAN unable to access 10.1.1.20

-San

varrao · ‎08-25-2011

Hi Santosh,

i had tried the config first before suggesting it to you, and it worked:

You would need to first remove the configuration for that you have for the inside users, mainly this static:

static (General_Services,Internet) tcp 192.168.1.20 www 10.1.1.20 www netmask 255.255.255.255

and then apply the one that was provided earlier.

Thanks,

Varun

Thanks,
Varun Rao

s-santhosh · ‎08-26-2011

Hi Varun,

Thanks alot for your support. It worked,

Regards,

Santhosh

varrao · ‎08-26-2011

Hi Santosh,

Rally happy it worked for you , I also enjoyed wporking on it and finding the solution for you.

Thanks,

Varun

Thanks,
Varun Rao