Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Can´t access web server from LAN, but I can from WAN

Hi everyone, hope you can help me fix this.

The scenario it´s the following;

  • Server1 (192.168.1.116)
  • Server2 (192.168.1.110)
  • Router RV042 (192.168.1.254)
  • Firmware version: 4.2.3.07
  • Public IP: static | It has 2 web hosts associated (hostapp.com and hosttest.com)

Servers and host names are generic, not the ones currently configured

One of our clients got 2 servers with a third part application installed. On both servers this application can be accessed from HTTP (80) and HTTPS (443) ports; both from name or IP.

For example http://server1 and https://server2 or http://192.168.1.116 and http://192.168.1.110

The application provider wants now to allow the applications be accessed from internet, so I configure the following port forward and UPnP:

LAN IP INTERNAL PORT EXTERNAL PORT CONFIGURED AS
192.168.1.116 80 80 Port forward
192.168.1.116 443 443 Port forward
192.168.1.110 80 8000 UPnP
192.168.1.110 443 4430 UPnP

After this configuration I can access successfully to the applications from external networks using the following URLs:

https://hostapp.com

http://hostapp.com

https://hosttest.com:4430

http://hosttest.com:8000

But when I try to do it from inside the LAN network, it fails. Receiving a message that shows that the site took to long in answer

Can you please help me?

Thanks in advice!

7 REPLIES

Hi Federico De Luca,

Hi Federico De Luca,

Are you able to access these applications from internal by using IP address instead on FQDN like http://192.168.1.116 instead of https://hostapp.com?

New Member

Hi  singhkulbir29881 and

Hi  singhkulbir29881 and thanks for your response.
Yes, I can successfully access to the app through the LAN IP

So after port forwarding,

So after port forwarding, FQDN's https://hostapp.comhttp://hostapp.comhttps://hosttest.com:4430http://hosttest.com:8000 are resolving into public IP. When you are trying to access by using FQDN name is resolving into RV042 WAN IP and RV042 is dropping this traffic due to default firewall features. You can use local DNS server having these FQDN entries resolving into private IP's  and add the IP of this local DNS server as a primary DNS in DHCP settings or simply access using LAN IP address instead of FQDN.

Please rate if this is helpful.

New Member

The proceedure you describe

The proceedure you describe is correct; but I can´t configure the DNS entry that way dude it will give a certificate error due the associated IP will be different to the corresponding public IP

Frederico,

Frederico,

your certs should have X.509 FQDN subject names. are you saying they have IP addresses as the subject name?

why dont you create a host file on a test machine resolving  https://hostapp.comhttp://hostapp.comhttps://hosttest.com into internal IP addresses?

Please rate if useful

Please remember to rate useful posts, by clicking on the stars below.

New Member

Hi Dennis and thanks for your

Hi Dennis and thanks for your response.

I can´t do that due the HTTPS certification. If the IP doesn´t match the public IP it will return an error (I´ve already tried it)

can you add the cert to this

can you add the cert to this post?

Thanks

Please rate if useful

Please remember to rate useful posts, by clicking on the stars below.

34
Views
0
Helpful
7
Replies
CreatePlease to create content