How to translate this

Answered Question
Mar 27th, 2007

I have a webserver that is on my inside network. I created a NAT that translates a public Ip to inside Ip and it works great.

The only problme I have is that I cannot access from inside the Public IP of the internal webserver. How do I setup this reverse translation?

I have this problem too.
0 votes
Correct Answer by acomiskey about 9 years 8 months ago

There are 2 good options here

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807968d1.shtml#

If you are using an external dns server, the first option will work well, dns doctoring. The second option is hairpinning, which will allow the traffic to enter and exit the inside interface with a static nat.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
acomiskey Tue, 03/27/2007 - 08:02

There are a few solutions for this but depends on what code you're running, is this pix or asa?

You can edit the HOST file on your machine to point to inside address. You can do dns doctoring if using an external dns server. You can do hairpinning if you are running code 7.

abinjola Tue, 03/27/2007 - 10:50

ok use these commands :-

same-security-traffic permit intra interface

static (inside,inside)

cl xlate

cl loc

norriscr1 Tue, 03/27/2007 - 11:52

!!! Just be careful running the "cl xlate" command in a production environment. That could really impact your current traffic and cause the phones to ring.

Actions

This Discussion