Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1593
Views
0
Helpful
7
Replies

STATIC NAT - My Web Server is not accessible from Internet

ArunVerma0530
Level 1
Level 1

‎07-02-2020 10:31 AM

Hello Cisco Team,

 

I am using Static NAT to make my internal server accessible from Internet.

My WAN IP is *.*.*.117 255.255.255.248

My Server LAN IP is 10.132.62.25 

I am using CISCO 2811 router.

WAN IP on int fe0/1 ip nat outside 

LAN IP on int fe0/0 ip nat inside

ip nat inside source static tcp 10.132.62.25 80 *.*.*.117 8100

i tried to open web server *.*.*.117 8100 from my home pc with public ip 59.89.60.235.

I didn't get anything.

 

 

My ip nat translations are:-

CISCO2811#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
tcp *.*.*.117:8100 10.132.62.25:80 59.89.60.235:52750 59.89.60.235:52750
tcp *.*.*.117:8100 10.132.62.25:80 59.89.60.235:52752 59.89.60.235:52752

Also ping from router is : -

CISCO2811#ping 8.8.8.8

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/21/24 ms

CISCO2811#ping 10.132.62.25

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.132.62.25, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
CISCO2811#telnet 10.132.62.25 80
Trying 10.132.62.25, 80 ... Open


^C
HTTP/1.1 400 Bad Request
Date: Thu, 02 Jul 2020 17:02:40 GMT
Server: Apache/2.4.43 (Win64) OpenSSL/1.1.1g PHP/7.2.31

....
[Connection to 10.132.62.25 closed by foreign host]

Kindly assist. Where is the problem?

 

Labels:
0 Helpful
7 Replies 7

Georg Pauwen
VIP
VIP

‎07-02-2020 12:07 PM

Hello,

 

what does the rest of your configuration look like ?

 

400 Bad Request usually means the server doesn't accept the client request, so the issue is likely not the NAT statement, but the server configuration.

 

 

0 Helpful

ArunVerma0530
Level 1
Level 1
In response to Georg Pauwen

‎07-03-2020 09:42 AM

CISCO2811#telnet 10.132.62.25 80
Trying 10.132.62.25, 80 ... Open



^C
HTTP/1.1 400 Bad Request
Date: Fri, 03 Jul 2020 16:40:00 GMT
Server: Apache/2.4.43 (Win64) OpenSSL/1.1.1g PHP/7.2.31
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en
Expires: Fri, 03 Jul 2020 16:40:00 GMT

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<title>Bad request!</title>
<link rev="made" href="mailto:postmaster@localhost" />
<style type="text/css"><!--/*--><![CDATA[/*><!--*/
body { color: #000000; background-color: #FFFFFF; }
a:link { color: #0000CC; }
p, address {margin-left: 3em;}
span {font-size: smaller;}
/*]]>*/--></style>
</head>

<body>
<h1>Bad request!</h1>
<p>


Your browser (or proxy) sent a request that
this server could not understand.

</p>
<p>
If you think this is a server error, please contact
the <a href="mailto:postmaster@localhost">webmaster</a>.

</p>

<h2>Error 400</h2>
<address>
<a href="/">localhost</a><br />
<span>Apache/2.4.43 (Win64) OpenSSL/1.1.1g PHP/7.2.31</span>
</address>
</body>
</html>


[Connection to 10.132.62.25 closed by foreign host]




CISCO2811#telnet 117.239.7.117 8100
Trying 117.239.7.117, 8100 ...
% Connection refused by remote host

CISCO2811#
0 Helpful

paul driver
VIP
VIP

‎07-02-2020 12:37 PM - edited ‎07-02-2020 12:39 PM

Hello

@ArunVerma0530 wrote:

Hello Cisco Team,

 

I am using Static NAT to make my internal server accessible from Internet.

My WAN IP is *.*.*.117 255.255.255.248

My Server LAN IP is 10.132.62.25 

I am using CISCO 2811 router.

WAN IP on int fe0/1 ip nat outside 

LAN IP on int fe0/0 ip nat inside

ip nat inside source static tcp 10.132.62.25 80 *.*.*.117 8100

i tried to open web server *.*.*.117 8100 from my home pc with public ip 59.89.60.235.

I didn't get anything.

 

My ip nat translations are:-

CISCO2811#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
tcp *.*.*.117:8100 10.132.62.25:80 59.89.60.235:52750 59.89.60.235:52750
tcp *.*.*.117:8100 10.132.62.25:80 59.89.60.235:52752 59.89.60.235:52752

Also ping from router is : -

 

FYI-
Error 4xx messages are client related
Error 5xx messages are server related

 

How are you trying to connect, via browser or telnet, if browser make sure you using http and not https in the url and ip address and not fqdn

If you have a telnet client try accessing the server telnet x.x.x117 8100 but temporally disable any software firewall running on the client
Also post the output of:
sh ip route


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

ArunVerma0530
Level 1
Level 1
In response to paul driver

‎07-03-2020 09:35 AM

Thanks for the reply. sh ip route gives :
C *.*.*.112 is directly connected, FastEthernet0/1
C 10.132.62.0 /24 is directly connected, FastEthernet0/0
S 0.0.0.0/0 [1/0] via *.*.*.112
0 Helpful

ArunVerma0530
Level 1
Level 1
In response to paul driver

‎07-03-2020 09:36 AM

 
Preview file
216 KB
0 Helpful

ArunVerma0530
Level 1
Level 1

‎07-03-2020 09:44 AM

CISCO2811#telnet 10.132.62.25 80
Trying 10.132.62.25, 80 ... Open



^C
HTTP/1.1 400 Bad Request
Date: Fri, 03 Jul 2020 16:40:00 GMT
Server: Apache/2.4.43 (Win64) OpenSSL/1.1.1g PHP/7.2.31
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en
Expires: Fri, 03 Jul 2020 16:40:00 GMT

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<title>Bad request!</title>
<link rev="made" href="mailto:postmaster@localhost" />
<style type="text/css"><!--/*--><![CDATA[/*><!--*/
body { color: #000000; background-color: #FFFFFF; }
a:link { color: #0000CC; }
p, address {margin-left: 3em;}
span {font-size: smaller;}
/*]]>*/--></style>
</head>

<body>
<h1>Bad request!</h1>
<p>


Your browser (or proxy) sent a request that
this server could not understand.

</p>
<p>
If you think this is a server error, please contact
the <a href="mailto:postmaster@localhost">webmaster</a>.

</p>

<h2>Error 400</h2>
<address>
<a href="/">localhost</a><br />
<span>Apache/2.4.43 (Win64) OpenSSL/1.1.1g PHP/7.2.31</span>
</address>
</body>
</html>


[Connection to 10.132.62.25 closed by foreign host]
CISCO2811#telnet 117.239.7.117 8100
Trying 117.239.7.117, 8100 ...
% Connection refused by remote host

CISCO2811#
0 Helpful

Georg Pauwen
VIP
VIP
In response to ArunVerma0530

‎07-03-2020 12:44 PM

Hello,

 

what if you change the NAT statement to:

 

ip nat inside source static 10.132.62.25 80 *.*.*.117

0 Helpful
Customers Also Viewed These Support Documents