Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
766
Views
3
Helpful
12
Replies

allow internet user see my private lan

emadehsan
Level 1
Level 1

‎08-12-2006 02:23 AM - edited ‎03-03-2019 04:29 AM

I have a mailserver with invali ip address

we have also some Valid ip address

how can I use nat to see this server form internet?

Labels:
0 Helpful
12 Replies 12

devang_etcom
Level 7
Level 7

‎08-12-2006 02:32 AM

you can use the static NAT for your server IP address...to allow internet user to use your mail server from internet...

for configuration look at this link:http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080093f31.shtml

please rate this post if it helps

regards

Devang

0 Helpful

emadehsan
Level 1
Level 1
In response to devang_etcom

‎08-12-2006 04:22 AM

HI devang

thank you

I add this command to my route

ip nat inside source static c.v.b.n a.s.d.f

now i can ping the ip address but cant access or browse my server

0 Helpful

desai.jaideep
Level 5
Level 5
In response to emadehsan

‎08-12-2006 04:27 AM

Hi

Please give the entire config.

Regards

JD

0 Helpful

emadehsan
Level 1
Level 1
In response to desai.jaideep

‎08-12-2006 04:57 AM

the config is something like this

serial 0

ip adrress m.n.b.v

ip nat outside

fasethernet 0

ip adrs 172.16.100.109

ip nat inside

ip nat inside source static 172.16.100.7(mailserver) a.b.c.d

waiting for your reply

0 Helpful

desai.jaideep
Level 5
Level 5
In response to emadehsan

‎08-12-2006 05:22 AM

Hi

You have not mentioned following into the router

ip nat pool test a.b.c.d a.b.c.i netmask 255.255.255.x

ip nat inside source list 1 pool test overload

access-list 1 permit 172.16.100.0 0.0.0.255

Hope that helps.

Pls rate helpful posts.

Regards

JD

0 Helpful

emadehsan
Level 1
Level 1
In response to desai.jaideep

‎08-12-2006 05:33 AM

Dear Jd

your config is when my local addresses want access to internet

but my problem is that I want to make available my mailserver from internet

0 Helpful

desai.jaideep
Level 5
Level 5
In response to emadehsan

‎08-12-2006 05:44 AM

Sorry,

My mistake in understanding.

Regards

JD

0 Helpful

emadehsan
Level 1
Level 1
In response to desai.jaideep

‎08-12-2006 05:50 AM

dear JD

here is want i need..

Configuring NAT to Allow the Internet to Access Internal Devices

can u help me?

0 Helpful

emadehsan
Level 1
Level 1
In response to desai.jaideep

‎08-12-2006 06:12 AM

Dear JD

thank you for your doc

I will give a good rate to you

but acctually i have these documents but i dont know why it doesnt work

can you give a sample config ?

0 Helpful

desai.jaideep
Level 5
Level 5
In response to emadehsan

‎08-12-2006 10:39 PM

Dear Ehsan

Below is the config I have been doing:It is basically a LAB setup in which I have public IPs 192.168.1.0/24 and private IPs 192.168.2.0/24.Now I am giving 192.168.1.165/24 on one ethernet and 192.168.2.1/24 on another ethernet.I have kept a webserver (a Ip camera with a web server..to be precise), which is given a IP 192.168.2.200/24. Now from pool 192.168.1.0 (My PC ip is 192.168.1.75/24) I give 192.168.1.165 in my web browser, and I get access to my network camera.

version 12.3

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Router

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$up5a$RW41pVnG8M8PfsKSZFgc0.

!

username cisco password 0 cisco

no network-clock-participate slot 1

no network-clock-participate wic 0

no aaa new-model

ip subnet-zero

ip cef

!

!

no ftp-server write-enable

!

!

!

!

interface FastEthernet0/0

ip address 192.168.1.165 255.255.255.0

ip nat outside

duplex auto

speed auto

!

interface FastEthernet0/1

ip address 192.168.2.1 255.255.255.0

ip nat inside

duplex auto

speed auto

!

ip nat pool test 192.168.1.165 192.168.1.165 netmask 255.255.255.0

ip nat inside source list 1 pool test overload

ip nat inside source static 192.168.2.200 192.168.1.165

ip classless

ip route 0.0.0.0 0.0.0.0 192.168.1.254

ip http server

!

access-list 1 permit 192.168.2.0 0.0.0.255

!

line con 0

line aux 0

line vty 0 4

login local

line vty 5 15

login local

!

!

!

end

Router#sh ip nat translations

Pro Inside global Inside local Outside local Outside global

tcp 192.168.1.165:80 192.168.2.200:80 192.168.1.75:1197 192.168.1.75:1197

tcp 192.168.1.165:80 192.168.2.200:80 192.168.1.75:1200 192.168.1.75:1200

tcp 192.168.1.165:80 192.168.2.200:80 192.168.1.75:1201 192.168.1.75:1201

tcp 192.168.1.165:80 192.168.2.200:80 192.168.1.75:1202 192.168.1.75:1202

tcp 192.168.1.165:80 192.168.2.200:80 192.168.1.75:1203 192.168.1.75:1203

tcp 192.168.1.165:80 192.168.2.200:80 192.168.1.75:1204 192.168.1.75:1204

--- 192.168.1.165 192.168.2.200 --- ---

There may be some issue with your mail server.

Regards

JD

0 Helpful

globalnettech
Level 5
Level 5
In response to desai.jaideep

‎08-13-2006 06:14 AM

Hello,

in addition to the other posts, you might want to try and add a static port translation for port 25 and port 110. Let's assume the IP address of your mail server is 192.168.1.20, the static entries would look like this:

ip nat inside source static tcp 25 192.168.1.20 212.136.12.2 25 extendable

ip nat inside source static tcp 110 192.168.1.20 212.136.12.2 110 extendable

If your external interface does not have a static IP address, but rather a dynamic one, the entries would be:

ip nat inside source static tcp 25 192.168.1.20 interface Dialer0

ip nat inside source static tcp 110 192.168.1.20 interface Dialer0

Regards,

GNT

0 Helpful
Customers Also Viewed These Support Documents