cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Cisco 2600 - routing issue

35
Views
0
Helpful
0
Comments
Hello everybody
I'm working on an  existing network and i would like to have your advice about an issue i can't  solve.
Here is the  case:
We have two LANs,  one for users stations, the other for servers.
One of the web  server is accessible from the public network. The same server was supposed to be  accessible from the LAN users.
The thing is, I have  to reach the server from the LAN users using the public  address.
It's neccessary  because there's something on the page I guess which make the client requesting  anyway the public address.

When 192.168.16.48 tried to reach 148.233.39.242 (the web server public address), the packet left the Serial0/0 interface nated

but doesn't go anywhere else.

Is there something that we can put to redirect the packet to 200.25.124.15 when it comes from the 192.168.16.0 network as it's the case when it comes from the public network.

I a bit novice with Cisco.

Thanks in advance for your  help


archi.JPG
show running-config
Building configuration...

Current configuration:
!
version 12.0
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime localtime
service password-encryption
!
!
!
!
!
clock timezone hora_centro -6
clock summer-time hora_verano recurring
ip subnet-zero
no ip finger
no ip domain-lookup
!
no ip bootp server
!
!
process-max-time 200
!
interface FastEthernet0/0
ip address 200.25.124.1 255.255.255.192 secondary
ip address 192.168.16.254 255.255.255.0 secondary
ip address 192.168.15.254 255.255.255.0
ip access-group 104 in
ip access-group 105 out
no ip directed-broadcast
ip accounting output-packets
ip nat inside
!
interface Serial0/0
description Internet
bandwidth 256
ip address 200.84.22.234 255.255.255.252
no ip directed-broadcast
ip nat outside
no ip mroute-cache
no fair-queue
!
interface Serial0/1
no ip address
no ip directed-broadcast
shutdown
!
interface Serial0/2
description
bandwidth 64
ip address 192.168.254.5 255.255.255.252
no ip directed-broadcast
ip nat inside
shutdown
fair-queue 64 256 0
!
ip nat inside source list 100 interface Serial0/0 overload
ip nat inside source list 101 interface Serial0/0 overload
ip nat inside source list 102 interface Serial0/0 overload
ip nat inside source static tcp 192.168.15.201 500 interface Serial0/0 500
ip nat inside source static tcp 192.168.15.201 443 interface Serial0/0 443
ip nat inside source static tcp 192.168.15.201 5901 interface Serial0/0 5901
ip nat inside source static 192.168.15.200 148.233.39.246
ip nat inside source static 192.168.16.8 148.233.39.245
ip nat inside source static 192.168.16.7 148.233.39.243
ip nat inside source static 200.25.124.5 148.233.39.241
ip nat inside source static 200.25.124.15 148.233.39.242
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/0
ip route 192.168.43.0 255.255.255.0 Serial0/2
ip route 200.25.124.192 255.255.255.224 Serial0/2
no ip http server
!
access-list 100 permit ip 192.168.15.0 0.0.0.255 any
access-list 101 permit ip 192.168.43.0 0.0.0.255 any
access-list 102 permit ip 192.168.254.4 0.0.0.3 any
access-list 103 permit tcp any host 148.233.39.241 eq smtp log
access-list 103 permit tcp any host 148.233.39.241 eq www log
access-list 103 permit tcp any host 148.233.39.241 eq pop3 log
access-list 103 deny   tcp any host 148.233.39.241 log
access-list 103 deny   tcp any host 200.84.22.234 eq telnet log
access-list 103 permit ip any any
access-list 104 deny   tcp any any eq 4444 log
access-list 104 deny   tcp any any eq 135 log
access-list 104 deny   tcp any any eq 10000 log
access-list 104 deny   tcp any any eq 2283 log
access-list 104 deny   tcp any any eq 445 log
access-list 104 deny   tcp any any eq 5554 log
access-list 104 deny   tcp any any eq 9996 log
access-list 104 deny   tcp any any eq 1409 log
access-list 104 deny   tcp any any eq 7000 log
access-list 104 deny   tcp any any eq 41401 log
access-list 104 deny   udp any any eq 41401 log
access-list 104 deny   udp any any eq tftp log
access-list 104 permit ip any any
access-list 104 permit tcp any any
access-list 105 deny   ip host 69.42.67.154 any
access-list 105 deny   ip host 216.130.188.210 any
access-list 105 deny   ip 127.0.0.0 0.255.255.255 any
access-list 105 permit ip any any
arp 192.168.15.33 000a.9585.c05a ARPA


end

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards