Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
543
Views
0
Helpful
5
Replies

851 router NAT setting problem

biologixlee
Level 1
Level 1

‎02-13-2007 02:03 PM - edited ‎03-03-2019 03:44 PM

I configured some NAT port forwarding through SDM(as a newbie) but none of them worked for me. For example, I have a web server behind the router, so I setup a IP forwarding from my external static IP to the web server's internal IP 192.168.1.xxx through port 80, but after that when I type in the web server's domain name xxxx.com, it will forward me to the router SDM Express remote login site. Same thing happens for https through port 443.

Anybody can give me any instruction?

Many thanks!

Labels:
0 Helpful
5 Replies 5

biologixlee
Level 1
Level 1

‎02-14-2007 06:41 AM

Come on guys, help me out here please!

0 Helpful

djones
Level 1
Level 1
In response to biologixlee

‎02-15-2007 06:36 AM

Posting your config would be helpful.

Without that, my first thought is that you need to tell asdm where to listen. You do this by modifying what interfaces the internal http server listens on. The command is 'http 192.168.1.0 inside', with your subnet listed of course. Make sure that statement doesn't say "outside" or your router is listening for http requests to its external ip address.

If this is a needed functionality, you would probably have to provision another static ip address that's not your router's external interface, that way the router won't think the http packet is for it.

David

0 Helpful

biologixlee
Level 1
Level 1
In response to djones

‎02-15-2007 06:44 AM

Thank you, David!

This may be the problem. "modifying what interfaces the internal http server listens on"

However, I'm not formaliar of commend lines at all, is there anywhere in the SDM or SDM Express can let me do the same config?

Thanks!

0 Helpful

djones
Level 1
Level 1
In response to biologixlee

‎02-15-2007 06:49 AM

The only place I use the gui on Cisco gear is on an ASA5520 for use as a vpn concentrator. I use ASDM 5.2 so it may be different.

In mine, I go to 'Configuration', Properties, Device Access, HTTPS/ASDM. This is where I can see where the access is allowed.

From a cli standpoint, if you can telnet/ssh to the router, do the following:

sh run | inc http

It will come back with any lines that contain http in it. You can then see if it's in there. So if you had a line that said 'http 0.0.0.0 0.0.0.0 outside', you would just enter the command 'no http 0.0.0.0 0.0.0.0 outside'.

Let me know if it helps.

0 Helpful

biologixlee
Level 1
Level 1
In response to djones

‎02-15-2007 06:51 AM

Thank you very much, David. I'll try that!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card