Setting up Inside-Outside-Inside NAT

wolfkiel · ‎04-18-2002

I'm sure this has been discussed before but I've searched and not found it. My problem is classic. I have a broadband router (806) that is providing NAT. However, I also host an inside web server that needs to be publically and internally accessable. My problem is that when the web address is resolved for inside clients, the DNS server provides the outside IP address. The clients then are routed from Inside-Outside-Inside. I'm not sure exactly what breaks in the process but it doesn't work. I've also tried using two external IPs. (One Outside IP is used by clients to go out a different IP for the inbound web service.) Inside/Outside DNS isn't an option. If I can get it working I also want to use CBAC in both directions.

Thanks in advance.

thomas.chen · ‎04-25-2002

You’ll have to use local HOSTS files on all your internal machines for them to access the private address directly or give them their own DNS name for the server like wwwin.foo.com for example.

carter.davis · ‎09-11-2002

I have the same problem, but I can't use the HOSTS file since I have a couple of laptops which run both inside and outside and need to be able to connect to the mailserver. This is an easy problem on a PIX firewall with the alias command, but the 806 doesn't seem to have that avalible.

any other suggestions?

bcarroll · ‎04-26-2002

I would try the alias command. I just had the same issue on a pix 515. The alias cammand mapped my internal hosts and the DNS requests didn't go out. The one problem I still have is that now the Pix wants to reply to the name locally so I keep getting duplicate address messages when hosts do a netbios lookup.

-BC