Nat Problem - Can inside devices talk to the port forwarded inside devices
I have a NAT problem I am trying to resolve. Can somebody help me?
I have a 2651 router performig NAT/PAT with many interfaces on it.
FastEthernet0/1 is my outside (ip nat outside) interface.
Several inside LAN interfaces are natted (ip nat inside)
I have some routes to other inside routers in my natted network.
My inside natted network is 10.170.0.0/20 broken down into several /24s interfaces
Everything talks and works. My web server on an outside IP address talks to everybody just fine. When I renumber my webserver from an outise IP address to 10.170.1.5/24 and place it on my ethernet numbered 10.170.1.1/24, everybody outisde can still get to the web server just fine. All of the internal natted networks can see 10.170.1.5 just fine.
The big problem is none of my internal natted networks can talk to my web server using the outside IP. I have way to many people, programs and machines to reconfigure to use the new inside IP address of the web server.
What can I do to make my inside natted networks talk to the webserver (now natted & port forwarded) so the same URLs and outside IP address still work to my inside network?
I have never been able to make this work on any Cisco IOS. I have found no examples on the Cisco site and I have found no documentation stating this is supported or not supported.
Does somebody have an example config I can take a look at which has the following:
1 outside nat/pat (overflow) interface
Internal access list 1 something like 10.170.0.0 0.0.15.255
several internal interfaces (broken down to /24s)
routes to other internal routers on internal network (route /24 to something)
Two or more web servers available to the outside Internet which numbered in the natted lan and port forwards allow the outside Internet (and inside intranet) to access the web servers using the outside IP address of the web servers.
I sure hope this is something that can be done.
Thank you in advance
If this works - below is my current config
assume I have a valid outside /30 set of Internet IPs routed to my router. I want to place a web server inside on 10.170.1.5 and have it available as http://out.sideip.170.146 such that the inside PC machines and outside PC machine can still reach my web server by using http://out.sideip.170.146 although it is really at 10.170.1.5
Re: Nat Problem - Can inside devices talk to the port forwarded
Cannot be done via Cisco. The best way to circumvent this problem is via DNS. If you maintain your own DNS servers set up an external and internal DNS. The internal DNS will have the url resolve to the private IP while the external DNS will have the url resolve to the public ip. If you cannot do that, just add an entry into each workstations host table for url name to ip address. The host table will override any DNS lookup. Even windows boxes have an \etc\hosts file. Just search for the folder \etc to find the full path.
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.