06-11-2010 02:20 PM - edited 03-04-2019 08:45 AM
Hi,
There is a web server on my network and I've created forvarding rule to that internal IP address on port 80.
But when a request is sent from outside, SDM responds and prompts for a password.
How can I stop SDM from responding and have router forward to the web server?
Thanks
Zen
Solved! Go to Solution.
06-11-2010 03:31 PM
Ok,
Please put the "ip http server'' command again to regain SDM access.
I believe the port redirection is working fine, but the internal device might not be responding appropiately.
Anyway, yo be 100% sure, could you attach a ''sh run'' and specify the IP for the connection?
Federico.
06-11-2010 02:23 PM
Zen,
The connection gets to the router on port 80?
If so, perhaps SDM is listening on port 80 and that's why it responds (and maybe the forwarding rule is not correct).
Please post the output of:
sh run | i ip nat
Federico.
06-11-2010 02:36 PM
#sh run | i ip nat
ip nat inside
ip nat outside
ip nat pool 10.10.10.0 10.10.10.2 10.10.10.254 netmask 255.255.255.0
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 10.10.10.2 80 interface Dialer0 80
PS: Do I actually need to have SDM in the router?
06-11-2010 03:01 PM
You don't have ASDM on the router? You mentioned that ASDM prompts for user/password when you attempt the connection on port 80.
If you don't use ASDM, you can disable the HTTP server or if you use ASDM, you can make ASDM to listen only on HTTPS (443)
In this way you can have the router pass traffic through the router on port 80.
Please post: sh run | i http
Federico.
06-11-2010 03:05 PM
cisco877#sh run | i http
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
GUIDE for your router or go to http://www.cisco.com/go/sdm
I am not planning to access SDM from outside. Can I remove SDM from the router?
06-11-2010 03:09 PM
Do this and try again:
router(config)# no ip http server
Federico.
06-11-2010 03:18 PM
Now I've lost HTTP access from both inside and outside. I still want to use SDM from local network.How can I achieve that?
And the main issue is port forwarding still does not forward HTTP requests to the web server
I think I got it! Apache virtual hosts had the old network addresses, which I used before installing 877. That's why I thought forwarding did not work. Testing...
Nope, looks like still no forwarding to port 80 of the web server on the lan.
06-11-2010 03:31 PM
Ok,
Please put the "ip http server'' command again to regain SDM access.
I believe the port redirection is working fine, but the internal device might not be responding appropiately.
Anyway, yo be 100% sure, could you attach a ''sh run'' and specify the IP for the connection?
Federico.
06-11-2010 03:44 PM
Actually, the port forwarding works when sight accessed from outside.
Only when I am trying from the inside network by the domain name, 877 responds with its own HTTP server.
Solved!
Well, solved partially. There is a slight problem: before moving to 877 I used a cheap router from SMC, which allowed me to access my internal web server by name from inside the LAN. I could type www.domain1.com or www.domain2.com and Apache served the named host.
But now I lost the ability to access from the LAN, only the external users see my web sites. How can I re-gain access from the LAN?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide