Access Internal Web Server from Internet

Unanswered Question
Mar 8th, 2010

We have a web server running inside LAN with the ip 172.16.1.200 on port 80. Even after configuring NAT "ip nat inside source static tcp 172.16.1.200 80 interface Dialer0 80" on DSL Router [Cisco 1720, ip 172.16.1.100], it is not possible to access the webserver from internet. From the router console, it is possible to ping to the webserver, also the web server can access internet. Please provide the configuration details to access the server from outside.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (2 ratings)
Loading.
Ganesh Hariharan Mon, 03/08/2010 - 23:11

We have a web server running inside LAN with the ip 172.16.1.200

on port 80. Even after configuring NAT "ip nat inside source static tcp 172.16.1.200 80 interface Dialer0 80

" on DSL Router [Cisco 1720, ip 172.16.1.100], it is not possible to access the webserver from internet. From the router console, it is possible to ping to the webserver, also the web server can access internet. Please provide the configuration details to access the server from outside.

Hi,

How you are tryiong to access the site from internet via public ip of the dailer interface or via name,first check that port 80 is listening on that server or not  by telnet 172.16.1.100 80 so it will confirms that 80 services are live and then if you are trying from name then it wont as it needs to be added in dns in global so i hopr you are trying by ip address for ip address you needs to sure of the dailer interface ip and try on that ip to access the page.

or try telnet from external world on that known public ip on port 80 .

Hope to help

Ganesh.H

shajuthomasn Tue, 03/09/2010 - 03:11

Thanx Ganesh....infact port 80 was blocked by the ISP here...with the same configuration NAT functions well.

Thank you once again for the response..

Neeraj Arora Mon, 03/08/2010 - 23:38

Apart from the steps mentioned by Ganeshh, you can also check the following:

- check for any firewall on inside or outside interface

- Check for any ACL on inside or outside interface

- issue the command "telnet 172.16.1.200 80 /source-interface dialer0" to check if Web server responds to a public ip on port 80 or not. This can also help us in confirming if the Default Gateway on the Web server is correctly pointing towards the router's inside interface.

- check default gateway of Web server

- When you are trying to access that server from internet, issue the command "sh ip nat translation | in 172.16.1.200" to check if NAT translation for this server is working or not

Hope the above information helps in correcting the issue.

Neeraj

shajuthomasn Tue, 03/09/2010 - 03:12

Thanx Neeraj....infact port 80 was blocked by the ISP here...with the same configuration NAT functions well.

Thank you once again for the response..

Actions

This Discussion