Thanks for the quick reply.

I did but it's the same result:

172.16.40.12 -> 192.168.99.250 on port 80 doesn't work.

Here is the current config.

Hello

Did you read my edited post?

I labbed this up and it worked  So can you confirm your config again as I don't see why it should not work for you.

res

Paul

I can back Paul on this. I just loaded this up on my router and had no trouble:

interface GigabitEthernet0/0
 description LAN
 ip nat enable
!
interface GigabitEthernet0/1
 description WAN
 ip nat enable
!
object-group network OG_RFC1918 
 10.0.0.0 255.0.0.0
 172.16.0.0 255.240.0.0
 192.168.0.0 255.255.0.0
!
ip access-list extended ACL_NAT_NVI
 permit ip object-group OG_RFC1918 any
!
route-map RM_NAT_NVI permit 10
 match ip address ACL_NAT_NVI
 match interface GigabitEthernet0/1
!
ip nat source route-map RM_NAT_NVI interface GigabitEthernet0/1 overload
ip nat source static tcp 172.23.0.2 80 interface GigabitEthernet0/1 80

Opening a web browser to my public IPv4 address on GigabitEthernet0/1 from a client on the LAN interface brings up the web page without any difficulty.

Are you able to open a telnet session from the router to 80/tcp on your web server using the WAN interface as the source? If there's a routing problem on the host preventing traffic from getting back, that will trip things up.

Hi.

No it dosen't work unfortunatly. The config is the same as the last message with Paul if you wanna take a look. On the PC it's nothing special done and it works externally to access the PC on port 80.

Router01#telnet 192.168.99.250 80 /source-interface gigabitEthernet 0/1
Trying 192.168.99.250, 80 ...
% Connection timed out; remote host not responding

It also works to telnet from 192.168.99.254 that is my "external" default gateway.

SWITCH_L3_1#telnet 192.168.99.250 80
Trying 192.168.99.250, 80 ... Open

The fact that you can't connect from the router using the outside interface makes me think that this goes beyond a NAT problem. If your web server is using your router as the default gateway, you should be able to connect to it using the WAN interface of the router as a source... regardless of the NAT configuration.

A few questions to ask here. Is the web server using the router as its default gateway? Does the web server have any other interfaces on it? Is there any kind of host-based firewall active that is restricting connections from specific sources?

Hold on... missed something there. Scratch that. Can you try connecting to the web server's actual IP address using GigabitEthernet0/1 as the source? Not worried about the NAT address at this point.

Hi.

That worked fine.

Router01#telnet 172.16.40.11 80 /source-interface gigabitEthernet 0/1
Trying 172.16.40.11, 80 ... Open

I also added the route print from the webserver. It does only have one interface and one default gateway.

Kind regards, Tommy

I put in your config but still it won't work.

Could you take a look so I did it correctly?

Kind regards, Tommy

Hello

Makes me think possible IOS ..

what version are you using?

res

Paul

Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.2(4)M2, RELEASE SOFTWARE (fc2)

Could it be this version?

Kind regards, Tommy

Hi.

Did anyone figure out anything about this? Is it a problem with my IOS version?

Kind regards, Tommy

It's possible. 15.2.4M2 has been superseded by a number of patch releases since then. Last I looked it was up to 15.2.4M6a. Personally, I've been standardizing on 15.3.3M4 for all of my ISR G2s.

Hi.

I got hold of Version 15.4(2)T1 as I posted above but it still won't work accessing the sites NATed IP from the LAN. Here's my config aswell.

Kind regards,