hi,

thank you for your reply , i check many site's all talk the solution is add ASA device , but i don't understand if i don't need ASA no luck to make it , the problem my mail server is locally xxxxx.xxxxx.local , also i use port forwarding to reach the IP camera .

ip nat inside source static tcp 10.0.5.39 5039 interface Dialer0 5039

ip nat inside source static tcp 10.0.2.30 pop3 interface Dialer0 pop3

i try dyndns service but also no luck

you can find the example attached .

sorry for my bad english language

Hi,

If you try with the google dns server for inside hosts( 8.8.8.8) then this server will contact dyndns to get the IP and then dns doctoring should come into play and change the IP to private one and it should work.

Can you contact router by fqdn from outside now that you've got dyndns configured?

Regards.

Alain.

Hi,

so from outside dyndns is working ok and you can contact router either with outside IP or name but you can't contact outside address with corresponding port from inside?What about by name+ port from inside if your inside host has any external dns server configured?

Alain.

Hi,

yes I see your config in first post.

Can you show ipconfig of host and capture traffic from host when you try to communicate with fqdn and port to get to private address+ port.

Alain.

Hi,

sorry , i don't understand you too much , you mean ipconfig /all from my local pc ?

from my pc if i make telnet 10.0.2.30 110 , i get ok the port reply from exchange

                         ip camera same ok

if i change          telnet 110 i get code not make connection

can you send to me what command you need i use it .

i see somebody but in this site soluwtion but he talk this work for more than 1 static IP.

http://ccie-in-3-months.blogspot.com/2008/12/nat-hairpinning-using-nat-pools-pbr.html

i try it but no luck

thanks

Marwan

When you say the ISP ip, i suppose you mean your outside interface IP? are you able to ping your outside interface? Are any other PC or server on the network able to ping or telnet to the outside interface IP?

Hi,

yes I want to see which dns server is configured on the PC. and I already told you that accessing your public IP from inside will never work because this feature is not supported in Cisco enterprise model routers.

So my question is Can you access it from inside with name eg telnet www.bla.bla.dyndns.org 110 if you have set an external dns server for your PC ? if not then can you capture traffic with wireshark when you do the above command.

Alain.

HI to all,

Mr. Marius , yes the ISP ip is my outside interface IP , i able to ping from LAN .

Mr. Alian , i can telnet xxxx.dyndns.org from local lan and get reply , also telnet i get reply

but when i add i dont get reply .

------------------------------------------------------------------------------------------------------------------------

R1811#ping xxx.dyndns.org

Translating "xxx.dyndns.org"...domain server (8.8.4.4) [OK]

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 77.245.5.25, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 84/95/136 ms

R1811#telnet xxx.dyndns.org 110

Trying xxx.dyndns.org (77.245.5.25, 110)...

% Connection timed out; remote host not responding

------------------------------------------------------------------------------------------------------------------------

anyway i found today solution like this :-

i add to my config :-

R1811(config)# ip host xxxx.dyndns.org    ... etc

then i amend my config at my mobile to use xxx.dyndns.org insted of

and i amend DNS server on my mobile to use Router IP insted of my windows server DNS

and it's work , i don't think this is the best way , but it's work .

one more question it's better to use the Router is DNS server instead of Windows Server 2003 DNS service ?

and what the best config DNS server for Router ?

with many thanks to all for your help .

Marwan Urabi