Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Publishing Server

HI all

I have Cisco PIX 515E which has 2 interfaces, I have 4 public IP address I would like to asign 1 public IP address to publish my enternal server, I did that by Nating and it's working fine and the server is accessable from anywhere through internet except from my inside network, I can access any other IPs but not able to access any one of my public IPs..

how to solve it..

14 REPLIES

Re: Publishing Server

Hi,

I think you are trying to access with public ip . You can access from ur inside network via private ip only .

In case if you want to access with public ip , then use "alias " . But once done , you would not be able to access via private ip.

Pls ref the link :

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094aee.shtml

Pls rate all posts

Hope this helps

regards

vanesh k

New Member

Re: Publishing Server

Thanks Vanesh

I think my case is different, I will expalin to you what I mean, I have server in my internal network with IP 1.1.1.1 and I have public IP 2.2.2.2 and there is Nating running inside PIX to route any trafic comming from internet to 2.2.2.2 to 1.1.1.1, it's working proberly

the problem is from internal PC with IP 1.1.1.2 I want to access this server but through internet, meaning if I called 2.2.2.2 I should be able to access the server through internet like any other user over the internet

is it possible ??

New Member

Re: Publishing Server

If you provide internet access to ip 1.1.1.2 then it can also access ip 2.2.2.2. Without internet access how it can.

The best thing what you should do it configure ALIAS and access the server as vaneesh told you in last post.

Regards,

Suresh Jain

New Member

Re: Publishing Server

sure I have internet access for host 1.1.1.2 but I am not able to access the server 1.1.1.1 through it.

New Member

Re: Publishing Server

R u able to ping that server from that machine.

Can you please paste the ping and traceroute results.

Regards,

Suresh Jain

New Member

Re: Publishing Server

No. I am not able to ping the public IP it's giving time out, but sure I am able to ping the private IP

New Member

Re: Publishing Server

what about traceroute results. Where is ur packet getting blocked.

New Member

Re: Publishing Server

it's reaching my gateway only ..

New Member

Re: Publishing Server

What about other sites from that system, r u able to browse.

Did you permit ICMP in your PIX.

New Member

Re: Publishing Server

Dear Sureshdank

Thanks for continues help

I will tell u the full scenario

1- My internal network is NATED to external interface

global (outside) 1 interface

nat (inside) 1 0.0.0.0 0.0.0.0 0 0

2- I have server on my interanal network with IP 10.3.2.2

3- I want to publish this server to the internet.

static (inside,outside) 82.1.1.2 10.3.2.2 netmask 255.255.255.255 0 0

4- this rule is working from anywhere through internet and any one can access my server by calling IP (e.g. 82.1.1.2).

5- any PC in my internal network are not able to see this public IP (82.1.1.2) even I will allow any any connection

when I am ping the public IP from internal network its time out

tracrt showing only up to my gateway which is my router interface.

New Member

Re: Publishing Server

Can you please paste your router and PIX configuration.

New Member

Re: Publishing Server

pls find attached

New Member

Re: Publishing Server

I think NAT is not happening when on firewall. In your configuration you have given the below,

global (outside) 1 interface ---- What does interface means. Try giving it with IP address.

nat (inside) 1 0.0.0.0 0.0.0.0 0 0

New Member

Re: Publishing Server

this is used to NAT group to group

I tried what u said but no chance.

232
Views
0
Helpful
14
Replies