877 responds to HTTP requests from WAN instead of forwarding

Answered Question
Jun 11th, 2010

Hi,

There is a web server on my network and I've created forvarding rule to that internal IP address on port 80.

But when a request is sent from outside, SDM responds and prompts for a password.

How can I stop SDM from responding and have router forward to the web server?

Thanks

Zen

I have this problem too.
0 votes
Correct Answer by Federico Coto F... about 6 years 6 months ago

Ok,

Please put the "ip http server'' command again to regain SDM access.

I believe the port redirection is working fine, but the internal device might not be responding appropiately.

Anyway, yo be 100% sure, could you attach a ''sh run'' and specify the IP for the connection?

Federico.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Federico Coto F... Fri, 06/11/2010 - 14:23

Zen,

The connection gets to the router on port 80?

If so, perhaps SDM is listening on port 80 and that's why it responds (and maybe the forwarding rule is not correct).

Please post the output of:

sh run | i ip nat

Federico.

Zenith888 Fri, 06/11/2010 - 14:36

#sh run | i ip nat
ip nat inside
ip nat outside
ip nat pool 10.10.10.0 10.10.10.2 10.10.10.254 netmask 255.255.255.0
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 10.10.10.2 80 interface Dialer0 80

PS: Do I actually need to have SDM in the router?

Federico Coto F... Fri, 06/11/2010 - 15:01

You don't have ASDM on the router? You mentioned that ASDM prompts for user/password when you attempt the connection on port 80.

If you don't use ASDM, you can disable the HTTP server or if you use ASDM, you can make ASDM to listen only on HTTPS (443)

In this way you can have the router pass traffic through the router on port 80.

Please post:  sh run | i http

Federico.

Zenith888 Fri, 06/11/2010 - 15:05

cisco877#sh run | i http
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
GUIDE for your router or go to http://www.cisco.com/go/sdm

I am not planning to access SDM from outside. Can I remove SDM from the router?

Zenith888 Fri, 06/11/2010 - 15:18

Now I've lost HTTP access from both inside and outside. I still want to use SDM from local network.How can I achieve that?

And the main issue is port forwarding still does not forward HTTP requests to the web server

I think I got it! Apache virtual hosts had the old network addresses, which I used before installing 877. That's why I thought forwarding did not work. Testing...

Nope, looks like still no forwarding to port 80 of the web server on the lan.

Correct Answer
Federico Coto F... Fri, 06/11/2010 - 15:31

Ok,

Please put the "ip http server'' command again to regain SDM access.

I believe the port redirection is working fine, but the internal device might not be responding appropiately.

Anyway, yo be 100% sure, could you attach a ''sh run'' and specify the IP for the connection?

Federico.

Zenith888 Fri, 06/11/2010 - 15:44

Actually, the port forwarding works when sight accessed from outside.

Only when I am trying from the inside network by the domain name, 877 responds with its own HTTP server.

Solved!

Well, solved partially. There is a slight problem: before moving to 877 I used a cheap router from SMC, which allowed me to access my internal web server by name from inside the LAN. I could type www.domain1.com or www.domain2.com and Apache served the named host.

But now I lost the ability to access from the LAN, only the external users see my web sites. How can I re-gain access from the LAN?

Actions

This Discussion

Related Content