04-27-2010 02:30 PM - edited 03-06-2019 10:50 AM
Thanks in advance for your thoughts on how I tackle this issue.
I have 2 vlans with an 877 providing the routing and a DSL for Internet access. I have a device on Vlan 2 which I can ping from Vlan 1 so routing is working and devices are setup correctly. For Nat purposes Vlan 1 and 2 are set to inside and the Dialer for the DSL is the outside.
My issue is that the device I'm trying to query has a web interface that is locally accessible on the same Vlan (Vlan 2) but I'm unable to access it from the other Vlan (Vlan 1). I suspect it is something to do with the device and how the interface is written as ping/telnet work fine from Vlan 1. I was proposing to setup a NAT statement to provide a local Vlan 1 address to latch onto that will do the translation so that I can get to the web interface. When I debug the NAT statements the NAT seems to want to always latch onto the Outside (Dialer). Can anyone provide some gems of wisdom on how I may overcome the problem? or an alternative approach other than NAT?
PS: Vlans need to be maintained as the device on Vlan 2 broadcasts like crazy.
Thanks again
Dave
04-27-2010 05:25 PM
there can be multiple things,
1. how are you trying to access the web page. URL or IP address?
1.1. If URL, where is your DNS server located inside or outside?
1.1.1 . URL resolves to which ip internal private of public ip?
1.2 If IP address internal private address or public ip?
2. Have you been able to verify that the http packets does make it to the server with the use of packet captures, if not use one(wireshark)
3. When you have two vlans configured as NAT INSIDE nat will not occur. Nat works from either inside to outside or vice versa.
4. Incase there is any possiblity to resolve this using nat try NAT NVI.
couple of links with sample config and good explanation
http://inetpro.org/wiki/NAT:_access_outside_global_address_from_the_inside
http://ccie-in-3-months.blogspot.com/2008/12/nat-hairpinning-using-nat-pools-pbr.html
Hope this helps.
04-27-2010 10:35 PM
Thanks in advance for your thoughts on how I tackle this issue.
I have 2 vlans with an 877 providing the routing and a DSL for Internet access. I have a device on Vlan 2 which I can ping from Vlan 1 so routing is working and devices are setup correctly. For Nat purposes Vlan 1 and 2 are set to inside and the Dialer for the DSL is the outside.
My issue is that the device I'm trying to query has a web interface that is locally accessible on the same Vlan (Vlan 2) but I'm unable to access it from the other Vlan (Vlan 1). I suspect it is something to do with the device and how the interface is written as ping/telnet work fine from Vlan 1. I was proposing to setup a NAT statement to provide a local Vlan 1 address to latch onto that will do the translation so that I can get to the web interface. When I debug the NAT statements the NAT seems to want to always latch onto the Outside (Dialer). Can anyone provide some gems of wisdom on how I may overcome the problem? or an alternative approach other than NAT?
PS: Vlans need to be maintained as the device on Vlan 2 broadcasts like crazy.
Thanks again
Dave
Hi Dave,
If you want to communicate from one vlan to another you need intervlan routing just check ip routing is enabled in your cisco 877.Then only your vlan1 member can access the vlan2 webser locally.
Hope to Help !!
Ganesh.H
Remember to rate helpful post
04-28-2010 10:20 AM
What could be possible problem
Hope this may help u suggest to pinpoint
Shailesh
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: