hi

i have web server inside the network behind cisco router 1750

i can access the web from outside with domain name and with external ip address with no problem

i can access the web from inside with domain name and with internal ip address with no problem

but i can't access it by external ip address from inside the network

can you help to tell me why?and what i should do?

Current configuration : 3415 bytes

!

version 12.3

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname fcore

!

boot-start-marker

boot-end-marker

!

enable password 7 0xxxxxxxxxxxx

!

mmi polling-interval 60

no mmi auto-configure

no mmi pvc

mmi snmp-timeout 180

no aaa new-model

ip subnet-zero

ip cef

!

!

ip dhcp excluded-address 10.10.3.0 10.10.3.30

!

ip dhcp pool Local

network 10.10.3.0 255.255.255.0

netbios-node-type b-node

dns-server 200.40.xx.xx

default-router 10.10.3.1

domain-name xxxxxxxxxxxxxx

lease 30

!

!

ip name-server 200.40.xx.xx

no ftp-server write-enable

!

!

!

interface FastEthernet0/0

description connected to internet

ip address 200.40.xx.xx 255.255.255.252

ip nat outside

rate-limit input access-group 101 64000 64000 64000 conform-action transmit exceed-action drop

no ip route-cache cef

speed auto

!

interface FastEthernet0/1

description connect to BMS_PPPoE

switchport access vlan 100

no ip address

!

interface FastEthernet0/2

description connect to RADIUS SERVER

switchport access vlan 100

no ip address

!

interface FastEthernet0/3

description connect to Switch NOC

switchport access vlan 100

no ip address

!

interface FastEthernet0/4

description connect to Switch LAN

switchport access vlan 200

no ip address

!

interface Vlan1

no ip address

!

interface Vlan100

ip address 10.10.1.1 255.255.255.240

ip nat inside

rate-limit output access-group 101 64000 64000 64000 conform-action transmit exceed-action drop

!

interface Vlan200

ip address 10.10.3.1 255.255.255.0 secondary

ip address 10.10.0.1 255.255.255.0

ip nat inside

!

router rip

version 2

passive-interface FastEthernet0/0

network 10.0.0.0

network 192.168.1.0

network 192.168.2.0

network 192.168.3.0

no auto-summary

!

ip nat translation timeout 2000

ip nat translation tcp-timeout 2000

ip nat inside source list 1 interface FastEthernet0/0 overload

ip nat inside source static tcp 10.10.1.4 22 200.40.xx.xx 22 extendable

ip nat inside source static tcp 10.10.1.4 80 200.40.xx.xx 80 extendable

ip nat inside source static tcp 10.10.1.5 1114 200.40.xx.xx 1114 extendable

ip nat inside source static tcp 10.10.1.5 5900 200.40.xx.xx 5900 extendable

ip classless

ip route 0.0.0.0 0.0.0.0 FastEthernet0/0

ip route 10.10.4.0 255.255.255.0 10.10.1.3 name pppoe_static_pool

ip route 10.10.5.0 255.255.255.0 10.10.1.3 name pppoe_dinamic_pool

no ip http server

!

ip access-list standard RR

!

!

access-list 1 permit 10.10.1.5

access-list 1 permit 10.10.1.4

access-list 1 permit 10.10.4.0 0.0.0.255

access-list 1 permit 10.10.5.0 0.0.0.255

access-list 101 permit tcp any eq 1214 any

access-list 101 permit tcp any eq 5190 any

access-list 101 permit tcp any range 41000 50000 any

access-list 101 permit tcp any range 6300 6400 any

access-list 101 permit tcp any range 27000 27999 any

access-list 101 permit udp any range 27000 27999 any

access-list 101 permit udp any eq 4000 any

access-list 101 permit tcp any eq 5050 any

access-list 101 permit tcp any eq 8888 any

access-list 101 permit udp any eq 8888 any

access-list 200 permit 0x8864 0x0000

access-list 200 permit 0x8863 0x0000

snmp-server community floral., RO RR

snmp-server contact xxx

snmp-server enable traps tty

!

control-plane

!

!

line con 0

exec-timeout 0 0

password 7 xxxxxxxxxxxxxx login

line aux 0

line vty 0 4

password 7 0xxxxxxxxxxx5B

login

!

end