06-02-2002 01:49 PM - edited 03-01-2019 09:58 PM
A PC and a webserver are on the same LAN behind a CPE running PAT. All web requests from WAN side are successfully translated and forwarded to the webserver. The PC is able to make port 80 requests to the webserver via private IP, however when the same PC is making port 80 requests to the webserver using DNS (public IP address), the CPE doesn't seem to translate it . Can someone clue me into what configlets I'm missing that can resolve this dilemma? Relevant config as follows
interface Ethernet0
description LAN
ip address 192.168.0.1 255.255.255.0
ip nat inside
!
interface ATM0.1 point-to-point
description WAN
ip address 161.15.15.2 255.255.255.252
ip nat outside
pvc 0/50
encapsulation aal5snap
!
ip nat translation timeout 3600
ip nat inside source list 1 interface ATM0.1 overload
ip nat inside source static tcp 192.168.0.2 110 161.15.15.2 110 extendable
ip nat inside source static tcp 192.168.0.2 25 161.15.15.2 25 extendable
ip nat inside source static tcp 192.168.0.2 80 161.15.15.2 80 extendable
!
access-list 1 permit 192.168.0.0 0.0.0.255
06-03-2002 11:18 AM
Where is the DNS? Inside or outside?
06-03-2002 02:44 PM
Since you said that the "CPE" wasn't translating, I'll assume the DNS is outside. I think that you probably need to translate the DNS response, which likely includes the public IP of 161.15.15.2 - which doesn't exist on the LAN. I believe NAT can reach into the payload and translate the DNS response to the local address. Check out the very last question in this NAT Q&A and see if it sounds like your issue:
http://www.cisco.com/warp/public/cc/pd/iosw/ioft/iofwft/prodlit/iosnt_qp.htm
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide