12-14-2006 07:51 PM - edited 03-05-2019 01:21 PM
Network setup: 1 Cisco 2600 router with a serial0/0 and fastethernet0/0 interface. The serial is connected to the ISP (me) and the faste connects the LAN. Serial0/0 has a public IP and is a NAT outside interface, while faste0/0 is a private IP and a NAT inside interface. Both static and overloading NAT are in use. The static NAT is to allow access to the web server and the PAT is for local users to access the internet.
Issue: Local users attached to the faste0/0 interface are not able to connect to the web server using the inside-global IP.
12-14-2006 10:28 PM
Since you come in and leave out from the same interface, Natting will not happen for this traffic. For this you may need to perform NAT on stick to perform the natting.
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094430.shtml
This link should help you
12-15-2006 06:15 AM
Thank you. That is what I am thinking, that I would need another layer 3 interface so that an actual inside-outside or outside-inside traversal occurred. In this case, it is inside-inside.
12-14-2006 10:34 PM
Hi,
Please try to change ur access-list 1 to deny the ip address that are defined in static natting.
The problem is ur dynamic natting is overtaking ur static natting statements.
Check the link
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_q_and_a_item09186a00800e523b.shtml#qa17
Hope this helps
Thanks
Raj
12-15-2006 06:12 AM
Thanks for the tip I will check on that.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide