Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
286
Views
0
Helpful
2
Replies

NAT PROBLEM

matt
Level 1
Level 1

‎11-01-2002 07:28 PM - edited ‎03-09-2019 12:55 AM

I am running NAT on my 2611 with a single public ip (for simplicity 1.1.1.1 public ip and 10.10.10.1 internal ip), I have port 53 and 80 forwarded to my internal server 10.10.10.10.

If a client on my internal network accesses the 1.1.1.1 address on port 80, everything times out and nothing works. Requests from the outside work 100%. My internal network is routed thru the mentioned router 10.10.10.1

Any ideas how to make this work? i have several DNS entries that are set up to point the outside IP so clients can access, however using the same URL fails when access internally. I do NOT want to set up 2 dns servers, nor two zones.

In short :

Client 10.10.1.99 does a DNS lookup, which points to 1.1.1.1. On router 1.1.1.1 port 80 is forwarded to 10.10.1.10 ( on the same network as the requestor) So the packets make a big U turn. But it's not working :(

I have to be doing something wrong; I had this working for a client using a linksys router....something as powerful as the cisco must be able to have this feature.

Labels:
0 Helpful
2 Replies 2

jlimbo
Level 1
Level 1

‎11-01-2002 09:47 PM

You can first check your routing by trying to browse to a website via ip address or just trying to ping.

Can you check if you turned off redirects on any of the interfaces? It will check the routing table before hitting NAT. Here is the order of operation link:

http://www.cisco.com/warp/public/556/5.html

-Jonathan

0 Helpful

matt
Level 1
Level 1
In response to jlimbo

‎12-04-2002 09:16 PM

yep pinging and accessing web sites works great. only problem is when i try to access the public ip of my router on port 80...which should be forwarded to a server on my internal lan (nat - inside).

i have no idea what a "redirect" is. so I assume they are defaulted.?

thanks for the help!

mm

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents