Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1485
Views
5
Helpful
4
Replies

Access to published server from NAT on the same router?

Go to solution
Ivanleonel
Level 1
Level 1

‎10-29-2019 07:34 AM

Hi,

 

I have ISR router and published server (static NAT). Server’s FQDN server.domain.com

Also, this router has a wi-fi network with NAT pool.

If wi-fi clients try to connect to server.domain.com connection doesn’t work because of resolving to server’s public IP.

I don’t want to use split-dns.

I’m thinking about PBR + next hop to ISP’s gateway, but not sure about this solution.

 

Are there any options?

Labels:
Preview file
39 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
paul driver
VIP
VIP
In response to Ivanleonel

‎10-29-2019 10:15 AM

Hello

If you wish to access the server via the public ip address then try the following

Example - Nat hairpinning:
int loopback 100
description Nat_pin
ip address 169.254.1.1 255.255.255.255
ip nat inside

ip access-list extended 110
remark global nat access-list
5 deny ip 192.168.1.0 0.0.0.255 192.168.1.0 0.0.0.255


ip access-list nat-pinning
permit ip 192.168.1.0 0.0.0.255 host 192.168.2.10

route-map NAT_PBR
set interface loopback 100

int x/x
description wan interface
ip nat outside
no ip redirects
ip policy-route NAT_PBR

ip nat inside source list nat-pinning interface loopback100


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

4 Replies 4

Go to solution
Georg Pauwen
VIP
VIP

‎10-29-2019 07:54 AM

Hello,

 

not sure what you are asking: what IP address (local or tanslated) do the wi-fi clients need to access by domain name ?

0 Helpful

Go to solution
Ivanleonel
Level 1
Level 1
In response to Georg Pauwen

‎10-29-2019 08:37 AM

I have attached PNG file to my first post.

I want to be able access server.domain.com from wi-fi network which IP address is 100.100.100.5

 

It goes like this

w-fi client-192.168.1.66 > NAT 100.100.100.5 > 100.100.100.10 NAT> 192.168.2.10-server

all this happens on the same router. 

0 Helpful

Go to solution
paul driver
VIP
VIP
In response to Ivanleonel

‎10-29-2019 10:15 AM

Hello

If you wish to access the server via the public ip address then try the following

Example - Nat hairpinning:
int loopback 100
description Nat_pin
ip address 169.254.1.1 255.255.255.255
ip nat inside

ip access-list extended 110
remark global nat access-list
5 deny ip 192.168.1.0 0.0.0.255 192.168.1.0 0.0.0.255


ip access-list nat-pinning
permit ip 192.168.1.0 0.0.0.255 host 192.168.2.10

route-map NAT_PBR
set interface loopback 100

int x/x
description wan interface
ip nat outside
no ip redirects
ip policy-route NAT_PBR

ip nat inside source list nat-pinning interface loopback100


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Go to solution
Ivanleonel
Level 1
Level 1
In response to paul driver

‎10-29-2019 11:19 AM

Thank you very much! That is what I was looking for! :)
0 Helpful
Customers Also Viewed These Support Documents