07-21-2010 02:20 PM - edited 03-04-2019 09:08 AM
Hi all,
We are having some issue accesing, from our LAN, to a web server situated on the same internal network through our public address. We are trying to do so, since we use a program with a hyperlink to that web server and, we can use it making demos on our LAN or on a customer's site (no DNS server available on our LAN).
We have a Cisco 837 ADSL router and we have the NAT configured. From the Internet we haven't got any problem on accessing the http port of the server. But, when from our LAN we type http://X.X.X.X (where X is our public IP address), we do not receive any response (if we activate the "ip http server" on the router, we access the router web page). This is what we have configured:
ip nat inside source static tcp 192.168.1.2 80 X.X.X.X 80 extendable
interface ethernet0
ip nat inside
interface Dialer0
ip nat outside
What are we missing? Should we use "ip nat inside destination.."? Is it possible to do this configuration?
Any suggestion will be appreciated!
THANK YOU VERY MUCH IN ADVANCE!
07-21-2010 04:48 PM
Can you please post debug ip nat out while trying to access your webserver from lan ? also please post complete sh run ( remove passwords + public ip's ). also, your overload nat ip and static nat ip for web server are different right ? or you are doing port translation ?
thanks
manish
07-21-2010 05:04 PM
Hello,
You would have to configure NAT Virtual interface and apply NAT to the virtual interface. This will ensure that the NAT is applied irrespective of the interface it is coming from.
Example:
no ip nat source static
You need to do the above with all the existing NAT configurations. You can reinsert them once you configure the below commands.
interface Dialer0
no ip nat outside
ip nat enable
exit
interface Ethernet0
no ip nat inside
ip nat enable
exit
ip nat source static
When you configure like above, the router will create a NVI interface and apply all NAT configurations to that interface. From then onwards, whenever you access any of the translated addresses from any interface, it will be handled by the NVI interface. NVI interface un-nats the traffic and sends it to correct destination.
Hope this helps.
Regards,
NT
07-22-2010 01:53 PM
Thank you very much for your answers,
We have tried today configuring the NAT virtual interface, but the command "ip nat enable" was not supported. We are using an old 837. Which IOS version should we install?
THANK YOU VERY MUCH!!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: