Hi Everyone - I've got a real challenge.
I have a 877 Router with 3 Interfaces
- Inside (10.1.1.1/24)
- DMZ (10.1.2.1/24)
- Outside (212.212.x.x)
I have natt'ed Ports on different DMZ servers to the "outside" interface on the router. The servers can be reached from the internet using the public ip and the ports i configured.
So far so good.
The huge challenge is that we should also be able to reach the Servers in DMZ from the inside LAN using the "Outside" IP address. (Remark: No DNS Doctoring - only based on IP Address).
Ive been trying with "ip nat enable" (but i have very little experience with ip nat enable) on the interfaces, different variations of "ip nat inside" and "ip nat outside".
Ive tried many variations of
- "ip nat outside source static"
- "ip nat inside source static"
- "ip nat inside destination"
Ive even considered Route-map with nexthop = ip address of the server in DMZ, but i believe this would require some reconfiguration of the Unix machine .
Ive seen some other simular posts here, for ASA, which has been solved, and hope that someone knows a solution for this as well.