Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

CISCO 2620 NAT Challenge

I have setup static NAT on the router so that users on Internet can reach my webserver(Intranet) on Local LAN. Users access this webserver (Intranet) by clicking a link on our company website. This is working fine and the address 208.251.72.60 gets translated to 192.168.0.206 as long as users are sitting outside on the WAN.

The problem is when users sitting inside on the local LAN click the link on the webpage the address 208.251.72.60 does not take them to the Local webserver 192.168.0.206.

Is there a way to acheive this. Thanks

2 REPLIES
New Member

Re: CISCO 2620 NAT Challenge

Why have the same link for the outside and inside? If you have an internal DNS server the people on the inside should be going to www.xyz.com and NEVER have to go outside to comeback inside.

Best thing to do is to setup dynamic crypto maps on the 2620 for the people on the WAN and make the Intranet server multi-homed and have an internal DNS server for people in the office to go to sites internally.

New Member

Re: CISCO 2620 NAT Challenge

hi paul

my solution will work if you use a local dns for internet name resolution.

what you should do is create a new record for the serve,r for example www.test.com this should point to the 192.168.0.206 address.

this hostname should be on the website link , now local users can access the local web server without any problem.

and so will internet users because when an external dns system will query

your dns for the www.test.com your dns will response with a 192.168.0.206 replay.

but now the static nat you did on the router will kick in when a router see's a dns response that passes through it , the response will be change to the

208.251.72.60 address the router does that because he has a static nat that show an inside local of 192.168.0.206 to an inside global of 208.251.72.60 .

good luck

guy alexander

98
Views
0
Helpful
2
Replies