02-03-2008 11:03 PM - edited 03-03-2019 08:33 PM
We have so many public IPs which we NATted to our local server IPs. Now from the internet we are able to access those public IPs. From the internal network we can access those servers with the local IPs, but we are not able to access those servers with those NATted public IPs, and we want to access those servers with the NATted public IPs also for our project. Need help on this.
02-03-2008 11:55 PM
Can you post the NAT configuration?
02-04-2008 01:07 AM
Hello Goutam,
The NAT configuration is given below:
ip nat inside source static 10.1.x.249 61.xx.xxx.87
ip nat inside source static 10.1.x.154 6x.xx.xxx.71
ip nat inside source static 10.1.x.251 61.xx.xxx.75
Now these servers are accessible from the internet through the public IP, and from internal through the private IP. But I want to access these servers from internal through the public IP. How could I achieve this?
02-04-2008 01:58 AM
Dear Parba,
If you have a Cisco PIX/Firewall, you can go for DNS doctoring.
i.e.
static (dmz,outside) PUBLIC_IP PRIVET_IP netmask 255.255.255.255
static (dmz,inside) PUBLIC_IP PRIVET_IP netmask 255.255.255.255
If you do not have a Cisco PIX/Firewall, then you are opening a deep security hole.
Thanks
Goutam
02-04-2008 02:32 AM
Hello Goutam,
static (dmz,inside) PUBLIC_IP PRIVET_IP netmask 255.255.255.255
In this command, which IP should I give as PUBLIC_IP: the DMZ server or the public server IP? After doing this, should I access this server from the internal network with the global public IP?
Thanks,
Parba
02-04-2008 03:16 AM
Actually, the public IP is the live IP from which users can access your server from the internet, and the private IP is equivalent to the DMZ or the IP that can be accessed from your inside network.
But to be very frank, these two commands are perfect for a Cisco PIX firewall, but this process, DNS doctoring, is enabled by default in Cisco routers. You had better search for some documents on DNS doctoring in Cisco routers before configuring that. But it can be done in this way, that's true.
02-04-2008 03:44 AM
Hi,
What is DNS doctoring?
Regards,
skrao
02-04-2008 04:04 AM
Hi,
It's the "Alias" command in the Cisco PIX/ASA Firewall.
http://www.cisco.com/warp/public/110/alias.html
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807968c8.shtml
Regards,
Dandy
02-04-2008 04:10 AM
According to Cisco:
DNS doctoring allows the security appliance to rewrite DNS A-records.
DNS rewrite performs two functions:
Translates a public address (the routable or mapped address) in a DNS reply to a private address (the real address) when the DNS client is on a private interface.
Translates a private address to a public address when the DNS client is on the public interface.
For more details, please visit: http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807968c8.shtml
Please rate if it works.
Goutam