Re: CISCO 2620 NAT Challenge

paul · ‎04-27-2002

I have setup static NAT on the router so that users on Internet can reach my webserver(Intranet) on Local LAN. Users access this webserver (Intranet) by clicking a link on our company website. This is working fine and the address 208.251.72.60 gets translated to 192.168.0.206 as long as users are sitting outside on the WAN.

The problem is when users sitting inside on the local LAN click the link on the webpage the address 208.251.72.60 does not take them to the Local webserver 192.168.0.206.

Is there a way to acheive this. Thanks

rgrcommo · ‎04-29-2002

Why have the same link for the outside and inside? If you have an internal DNS server the people on the inside should be going to www.xyz.com and NEVER have to go outside to comeback inside.

Best thing to do is to setup dynamic crypto maps on the 2620 for the people on the WAN and make the Intranet server multi-homed and have an internal DNS server for people in the office to go to sites internally.

guy.alexander · ‎05-04-2002

hi paul

my solution will work if you use a local dns for internet name resolution.

what you should do is create a new record for the serve,r for example www.test.com this should point to the 192.168.0.206 address.

this hostname should be on the website link , now local users can access the local web server without any problem.

and so will internet users because when an external dns system will query

your dns for the www.test.com your dns will response with a 192.168.0.206 replay.

but now the static nat you did on the router will kick in when a router see's a dns response that passes through it , the response will be change to the

208.251.72.60 address the router does that because he has a static nat that show an inside local of 192.168.0.206 to an inside global of 208.251.72.60 .

good luck

guy alexander