Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
744
Views
0
Helpful
8
Replies

accessing problem to the servers on public ip from internal

parba.basu
Level 1
Level 1

‎02-03-2008 11:03 PM - edited ‎03-03-2019 08:33 PM

we have somany public ip which we natted to our local server ips.now from internet we are able to access those public ip.from internal network we can access those servers with local ips but not able to access those servers with those natted public ip and we want to access those servers with natted public ip also for our project.need help on this.

Labels:
0 Helpful
8 Replies 8

Goutam Sanyal
Level 4
Level 4

‎02-03-2008 11:55 PM

Can you post the NAT configuration.

0 Helpful

parba.basu
Level 1
Level 1
In response to Goutam Sanyal

‎02-04-2008 01:07 AM

hello goutam,

the nat configuration is given below,

ip nat inside source static 10.1.x.249 61.xx.xxx.87

ip nat inside source static 10.1.x.154 6x.xx.xxx.71

ip nat inside source static 10.1.x.251 61.xx.xxx.75

now this servers are accessable from internet through the public ip, and from internal through private ip. but i want to access this servers from internal through public ip.how could i achieve this.

0 Helpful

Goutam Sanyal
Level 4
Level 4
In response to parba.basu

‎02-04-2008 01:58 AM

Dear Parba,

IF you have a CISCO PIX/FireWall, so you can go for DNS-Doctoring.

i.e.

static (dmz,outside) PUBLIC_IP PRIVET_IP netmask 255.255.255.255

static (dmz,inside) PUBLIC_IP PRIVET_IP netmask 255.255.255.255

If, you do not have a Cisco PIX/ FireWall then you are opening a Deep Security Hole.

Thanks

Goutam

0 Helpful

parba.basu
Level 1
Level 1
In response to Goutam Sanyal

‎02-04-2008 02:32 AM

hello goutam,

static (dmz,inside) PUBLIC_IP PRIVET_IP netmask 255.255.255.255 in this cmd which ip should i give as PUBLIC_IP whether the DMZ Server or Public Server IP? After doing this should i access this server from internal network with the Global Public ip?

Thanks,

Parba

0 Helpful

Goutam Sanyal
Level 4
Level 4
In response to parba.basu

‎02-04-2008 03:16 AM

Actually Public IP is the Live IP from which user can access ur server from internet and Private Ip is equivalent to DMZ or the ip that can be accessed from your inside network.

But to be very frank this two commands are perfect for Cisco PIX firewall, but this process, DNS DOCTORING , enabled by default in cisco routers. You better search some documents on DNS Doctoring in Cisco routers before configuring that.But it can be done in this way that's true.

0 Helpful

sivakondalarao
Level 1
Level 1
In response to Goutam Sanyal

‎02-04-2008 03:44 AM

Hi,

what is dns doctoring.

regards

skrao

0 Helpful

Goutam Sanyal
Level 4
Level 4
In response to sivakondalarao

‎02-04-2008 04:10 AM

According to CISCO:-

DNS doctoring allows the security appliance to rewrite DNS A-records.

DNS rewrite performs two functions:

Translates a public address (the routable or mapped address) in a DNS reply to a private address (the real address) when the DNS client is on a private interface.

Translates a private address to a public address when the DNS client is on the public interface.

More details pls visit: http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807968c8.shtml

Pls rate if it works.

Goutam

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card