01-05-2010 09:22 AM - edited 03-21-2019 01:59 AM
I'm having a bear getting the firewall configured right...There is very little control over the config.
Connection is DHCP (ISP provides a new IP address every 18 months or so but without DHCP request, no routing...)
DDNS works but address doesn't resolve properly when requests come from inside...
for example:
192.168.10.99 is NAT'd to mypublicaddress.dnsalias.net for svn access
Outside the office, mypublicaddress.dnsalias.net works fine but inside the office it does not.
This breaks the app because it sees mypublicaddress.dnsalias.net and 192.168.10.99 as different hosts
Likewise, I cannot configure or use the VPN on DDNS...worked fine on the RVL200 we replaced but once I turn on DHCP, the other settings are lost..
01-05-2010 02:06 PM
On the local host issues with 192.168.10.99, what is the DNS server? Is it an outbound DNS server? I believe you can hairpin the traffic on the UC540 so that the application only thinks it is using the WAN address.
What type of VPN are you using? I don't believe EZVPN has a requirement of a static IP, but the SSL VPN does.
01-05-2010 02:13 PM
DNS server is Google 8.8.8.8...How do I hairpin the traffic...that's exactly what I'm trying to do..
Yes, EZ VPN works ok...SSL VPN is required for the 525G phones....
01-05-2010 02:23 PM
On the SSLVPN, I don't think we can get around the requirement of a static IP. A good but long read can be found here.
http://www.cisco.com/en/US/docs/ios/12_4t/12_4t11/htwebvpn.html
My understanding is that if you have set up the proper rules in CCA under NAT, the hairpinning should work. What rules do you have set up?
01-05-2010 02:36 PM
There really aren't any rules to speak of..host IP, internal port, external port...that's it.