NAT problem with Cisco router and DMZ:
WWW
|
e0/0(210.x.x.225)
Cisco 2600
e0/1(192.168.1.254/25)
|
|
(eth0:192.168.1.129/25)
Firewall(3 Interfaces)
|
|eth1(10.10.10.1/24) Internal Network 10 PCs
|
|eth2(192.168.0.1/24) DMZ
|Web server 192.168.0.15
Router NAT setting:
ip nat pool my-pool 210.x.x.226 210.x.x.226 netmask 255.255.255.128
ip nat inside source list 20 pool my-pool overload
ip nat inside source static 192.168.0.15 210.x.x.227
ip classless
ip route 0.0.0.0 0.0.0.0 210.x.x.129
ip route 10.10.10.0 255.255.255.0 192.168.1.129
ip route 192.168.0.0 255.255.255.0 192.168.1.129
ip http server
Testing from outside:
------------------------------------
1. Ping web server 210.x.x.227 --> Success
2. Type http://192.x.x.227 in Web browser --> Success
Testing from inside network 10.10.10.0:
------------------------------------
1. Ping web server 192.168.0.15 --> Success
2. Type http://192.168.0.15 in Web browser --> Success
3. Ping web server 210.x.x.227 --> Success
4. Type http://210.x.x.227 in Web browser --> Fail
Using a Cisco router with NAT, I cannot use http://210.x.x.227 from inside. But using Linux iptables, it works! Does it mean iptables is powerful?
My web server does not have any domain registered; how do I resolve this issue?