Nat Configuration

SENALEX · ‎01-01-2020

Dear team,

i have cisco 2900 series router and i have a sucessfully configured NAT which routes all my internal users from the 10.*.*.*.* private LAN address to the internet. i have one public IP. The NAT is confiugred the usual way. NOW, What I want is TO configure A NAT from the itnernet to my internal LAN, so that when someone hits MY PUBLIC ip from the internet or external network, they should land to my web server where i have my webapplication hosted. so , i want to redirect my users from the internet to my internal web applicaton when they hit my public IP i got from my ISP.

PLEEEEESEEE HELP ME., ...AND let me know if my question is not clear...

thanks in advance,

Georg Pauwen · ‎01-01-2020

Hello,

you need a static NAT entry similiar to the one below:

ip nat inside source static tcp 80 192.168.1.100 69.65.100.102 80

In this example. 192.168.1.100 is your webserver, and 69.65.100.102 the public IP address. Whenever somebody connects to port 80 on the public address, he or she will be redirected to your webserver.

SENALEX · ‎01-02-2020

hi Georg,

thanks for your quick reply, do i need to enter that command under a specific interface or anywhere in my router configuration?

Georg Pauwen · ‎01-02-2020

Hello,

it is a global command:

Router#conf t

Router(config)#ip nat inside source static tcp 80 192.168.1.100 69.65.100.102 80

SENALEX · ‎01-02-2020

Thanks Gorg,

it has worked , buti wanna add one more questions, obviously all my users don't call my web app using IP addresses from the internet which is too risky from security point of view, so how can i configure it to be called on using some address like "local.xxx.com" where "xxx.com" is my legal domain name registered on godaddy.

kindly advise,

Georg Pauwen · ‎01-02-2020

Hello,

your best option is probably to use one of the (free) dynamic DNS services.

https://www.maketecheasier.com/best-dynamic-dns-providers/

paul driver · ‎01-02-2020

Hello

@SENALEX wrote:

Thanks Gorg,

it has worked , buti wanna add one more questions, obviously all my users don't call my web app using IP addresses from the internet which is too risky from security point of view, so how can i configure it to be called on using some address like "local.xxx.com" where "xxx.com" is my legal domain name registered on godaddy.

kindly advise,

if you have a static public ip address already supplied by your ISP then you would not require to use any DDNS
You should be able to register/bind the web servers name to your legal registered domain name with little or no extra cost to allow external users to use the new FQDN of the web server.- eg: mail.xxxx.com.

As for you internal users, you can either let them access the web server via the internal ip address of the web server with a local FQDN , or you could configure nat so your internal users also use the public FQDN of the web server,, You could even just append to each HOST file of the users pc a FQDN of the web server but that can be very administrative and i guess wont reach every IOT device needing to access the web server.

.
How many users do you have?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Georg Pauwen · ‎01-02-2020

GoDaddy.com and Register.com are not free, no-ip.com is, and can also be used with static IP addresses...

https://www.noip.com/support/knowledgebase/free-dynamic-dns-getting-started-guide-ip-version/