Cisco portforward to access local webserver from outside

Sumit.anand1 · ‎08-21-2016

my router is cisco: 3800 series
WAN IP g0/0:123.123.123.4
Internal n/w fa0/0:192.168.0.4
webserver IP: 192.168.0.5
domainname: example.office.com (123.123.123.4)
I applied nat outside on g0/0 and nat inside on f0/0. NAT rules are:

ip nat inside source list 1 interface g0/0 overload
ip nat inside source static tcp 192.168.0.5 80 123.123.123.4 80  
ip nat inside source static tcp 192.168.0.5 443 123.123.123.4 443

Inside the source list 1 i applied permit any any.

Problem1 :
By doing this i can able to access my website from outside of office network but when i am trying this from inside of office network i can't able to access, cisco router always redirect to SDM page, Please let me know what i am missing.

Adding one more point my webserver is running on SSL connection(https).
On my router my dns is 8.8.8.8 and i am not using internal dns we have google dns inside our LAN network also.

Amit Goyal · ‎08-24-2016

Hi Sumit,

Obviously if you try browsing example.office.com from inside, DNS will resolve it to 123.123.123.4 which is you WAN IP. But since traffic is coming from inside, destination NAT will never take place and user will not be able to reach to server which is in their local LAN.

Although I have seen that it doesn't work but you could give a try via NAT on Stick. Below is the link to doc.

http://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/6505-nat-on-stick.html

Or else you might need to update the DNS record of your local users by mapping example.office.com to a private ip from local LAN.

Please rate if it helps.

-Amit