Re: Newbie: Cisco 800-series - Access internal server via external IP, when using NAT?

On 7 May 2006 10:52:03 +1200, "Peter" <SOMEONE@xxxxxxxxxxxx> wrote:

Hi Jim,

I am aware of 2 ways to do this -
1. Use an "external reflector". EG for HTTP traffic this is an
external Web Server that you use as a "proxy" to reach the External
interface for your Web Server.
2. An internal DNS that resolves the WAN DNS Name to the internal IP
of the Server.


I'm not sure that either option is available to me, as it's just a
small LAN I'm running, but I guess Option 2 is not too dissimilar to
my current HOSTS solution.

You may be surprised at how easy it is to find something for Option 1,
I found it VERY easy down here in NZ. You can often even use your
local ISP's proxy for the task (many ISP's have a transparent proxy
anyway), its often just a case of "do they allow their own IP address
ranges to be the target of their proxy?" and "do they allow their
customers to run servers in this configuration".......;-). You could
even be real sneaky and also specifically target another ISP's proxy.
If you have a "local" community of users you may find they can answer
this for you.

Yes, Option 2 can be done using a simple "hosts" file. I actually have
both methods configured locally for access to my own Web Server behind
a Cisco 827.




Many thanks anyway, I'll keep digging.



Jim


Okay, I found the definitive answer to this.

http://www.cisco.com/en/US/products/sw/iosswrel/ps5413/prod_release_note09186a0080457818.html

The feature is called "Inside to Inside NAT - NAT Virtual Interface
Support".

I need the 12.3(11)YS release of the IOS. Unfortunately my router only
has 48MB of memory (max), and this release requires 64MB. So at least
I now know that this setup can be achieved, but only using a 64MB
router with 12.3(11)YS or later.



Jim
.

Relevant Pages

  • Re: Should proxy have one interface or two
    ... The public interface of proxy would have a public IP. ... one for public internet and other for private lan. ... You can say that we can add a router /L3 device in between like ...
    (Security-Basics)
  • Re: DSL-Router als Zugang zu Internet
    ... Habe das externe interface im Adressraum des Routers laufen und kann dem ... Router auch einen ping geben. ... Allerdings werden die WEB-Anfragen der Clients ... vom proxy nicht zu diesem externen Interface geleitet. ...
    (microsoft.public.de.german.isaserver)
  • Re: Redirecting all Outgoing http traffic to an internal Web server
    ... proxy address) to an internal web server from the Pix 525 firewall. ... that won't work on a PIX or ASA. ... a mask for the destination to be matched. ...
    (comp.dcom.sys.cisco)
  • Re: Is this possible?
    ... > machine B on my LAN to connect from port x to port Y on machine A in order ... > without a router, but I'd love to use KPF4's advanced rules, or something ... > Configuring the proxy does not and cannot work with java applet traffic. ... It is a web server, ...
    (comp.security.firewalls)
  • What classes do I use to create a web proxy
    ... service proxy nor do I want to do anything with web services. ... timeout and the web server regularly exceeds this, ... So I need to create a lightweight proxy that can sit between the ... from persistent storage to the desktop application. ...
    (microsoft.public.dotnet.languages.csharp)