Accessing public IP from local network

Unanswered Question
Jul 21st, 2010

Hi all,

We are having some issue accesing, from our LAN, to a web server situated on the same internal network through our public address. We are trying to do so, since we use a program with a hyperlink to that web server and, we can use it making demos on our LAN or on a customer's site (no DNS server available on our LAN).

We have a Cisco 837 ADSL router and we have the NAT configured. From the Internet we haven't got any problem on accessing the http port of the server. But, when from our LAN we type http://X.X.X.X (where X is our public IP address), we do not receive any response (if we activate the "ip http server" on the router, we access the router web page). This is what we have configured:

ip nat inside source static tcp 192.168.1.2 80 X.X.X.X 80 extendable

interface ethernet0

  ip nat inside

interface Dialer0

  ip nat outside

What are we missing? Should we use "ip nat inside destination.."? Is it possible to do this configuration?

Any suggestion will be appreciated!

THANK YOU VERY MUCH IN ADVANCE!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
manish arora Wed, 07/21/2010 - 16:48

Can you please post debug ip nat out while trying to access your webserver from lan ? also please post complete sh run ( remove passwords + public ip's ). also, your overload nat ip and static nat ip for web server are different right ? or you are doing port translation ?

thanks

manish

Nagaraja Thanthry Wed, 07/21/2010 - 17:04

Hello,

You would have to configure NAT Virtual interface and apply NAT to the virtual interface. This will ensure that the NAT is applied irrespective of the interface it is coming from.

Example:

no ip nat source static extendable

You need to do the above with all the existing NAT configurations. You can reinsert them once you configure the below commands.

interface Dialer0

no ip nat outside

ip nat enable

exit

interface Ethernet0

no ip nat inside

ip nat enable

exit

ip nat source static extendable

When you configure like above, the router will create a NVI interface and apply all NAT configurations to that interface. From then onwards, whenever you access any of the translated addresses from any interface, it will be handled by the NVI interface. NVI interface un-nats the traffic and sends it to correct destination.

http://www.cisco.com/en/US/docs/ios/ipaddr/configuration/guide/iadnat_addr_consv_ps6350_TSD_Products_Configuration_Guide_Chapter.html#wp1084652

Hope this helps.

Regards,

NT

Inaki Kortazar Thu, 07/22/2010 - 13:53

Thank you very much for your answers,

We have tried today configuring the NAT virtual interface, but the command "ip nat enable" was not supported. We are using an old 837. Which IOS version should we install?

THANK YOU VERY MUCH!!

Actions

This Discussion