Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
349
Views
0
Helpful
2
Replies

Port Forwarding via Service Provider Network (Reposted in 'Routing')

Driftshin
Level 1
Level 1

‎02-08-2019 12:27 AM - edited ‎03-08-2019 05:17 PM

This is the scenario. I'm on a LAN that gets its Internet connectivity via a MAN. I have autonomy over my LAN but data gets routed through the provider's mpls network out their public addresses. Now i have an application running on port 80 IP address 10.2.1.51, called ODK Aggregate that i need to be accessible via from the internet. My inside host is 10.2.1.1 while the outside address is 172.23.1.2 and the public address is 41.222.1.2. Were I directly connected to the Internet, i figure the configuration would be straight forward. This is my configuration for the nat;

 

ip nat inside source static tcp 10.2.1.51 80 interface GigabitEthernet0/0/0.1 80

ip nat outside source static tcp 172.23.1.2 80 41.222.1.2 80 extendable

 

This however is not working for me. When i try to access the host from outside my network and look at the nat translations, i can see the public address of the device i'm accessing from. What am i doing wrong? See attached the logical diagram.ODK Aggregate Diagram.png

 

Labels:
0 Helpful
2 Replies 2

Georg Pauwen
VIP
VIP

‎02-08-2019 04:33 AM - edited ‎02-08-2019 04:35 AM

Hello,

 

can you post the output of 'show ip nat translaton *' as well as the output of 'show ip route' from your Router0 ?

0 Helpful

Driftshin
Level 1
Level 1
In response to Georg Pauwen

‎02-09-2019 12:55 AM

This is minus any access traffic:

Pro     Inside global               Inside local               Outside local            Outside global
tcp        ---                             ---                        41.222.1.2:80     172.23.1.2:80
tcp      172.23.1.2:80            10.2.1.51:80            ---                              ---

 

This is when i try to access 41.222.1.2 from my inside machine 10.2.1.52

Pro       Inside global        Inside local            Outside local         Outside global
tcp             ---                     ---                  41.222.1.2:80    172.23.1.2:80
tcp 172.23.1.2:80      10.2.1.51:80             10.2.1.52:51926 10.2.1.52:51926
tcp 172.23.1.2:80      10.2.1.51:80             10.2.1.52:51927 10.2.1.52:51927
tcp 172.23.1.2:80      10.2.1.51:80             10.2.1.52:51930 10.2.1.52:51930
tcp 172.23.1.2:80      10.2.1.51:80               ---                            ---
tcp 10.2.1.52:51926 10.2.1.52:51926      41.222.1.2:80 172.23.1.2:80
tcp 10.2.1.52:51927 10.2.1.52:51927      41.222.1.2:80 172.23.1.2:80
tcp 10.2.1.52:51930 10.2.1.52:51930      41.222.1.2:80 172.23.1.2:80

 

Looks like the host i'm accessing from ends up becoming the outside local, inside global and inside local. Strange.

 

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card