Re: Access from internal hosts to internal servers using external address
- From: "Thrill5" <nospam@xxxxxxxxxxxxx>
- Date: Wed, 18 Apr 2007 20:34:40 -0400
I know of no way to do this. NAT only works internal to external, not
internal to internal.
Scott
"HangaS" <mafonso@xxxxxxxxx> wrote in message
news:1176894601.537012.13380@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hi,
I have a Cisco 386 in a NAT configuration.
Internal (LAN) hosts can access the Internet (WAN) in a NAT'ed fashion
Internet accesses to the public IP address are correctly forwarded to
the host specified in the static mapping
The only problem is that when accessing the public IP from the LAN the
static mapping is not applied.
I wanted to be able to access the public IP address from the LAN side
and have the traffic redirected to the static mapped server as if it
came from the WAN.
What am i doing wrong?
King Regards
My configuration follows:
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
!
hostname c836
!
boot-start-marker
boot-end-marker
!
enable secret 5 XXXXXXXXXXXXXXXXXXXXXXXXXXXXX
!
no aaa new-model
!
resource policy
!
no ip source-route
!
!
no ip dhcp use vrf connected
!
ip dhcp pool CLIENT
import all
!
!
ip domain name wit-software.com
ip name-server 212.18.160.133
no ip bootp server
!
isdn switch-type basic-net3
!
!
username XXXXXXXX privilege 15 secret 5 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
!
!
!
!
interface Ethernet0
description --- 10Mbps connection to LAN ---
ip address 192.168.15.254 255.255.255.0
ip nat inside
ip virtual-reassembly
no cdp enable
!
interface Ethernet2
no ip address
shutdown
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
isdn switch-type basic-net3
isdn point-to-point-setup
!
interface ATM0
no ip address
atm vc-per-vp 64
no atm ilmi-keepalive
dsl operating-mode etsi
pvc 0/35
pppoe-client dial-pool-number 1
!
!
interface FastEthernet1
duplex auto
speed auto
!
interface FastEthernet2
duplex auto
speed auto
!
interface FastEthernet3
duplex auto
speed auto
!
interface FastEthernet4
duplex auto
speed auto
!
interface Dialer0
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
dialer-group 1
ppp authentication pap callin
ppp pap sent-username XXXXXXXXXXXXXXXXXX password 7
XXXXXXXXXXXXXXXXXX
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
no ip http server
no ip http secure-server
!
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static 192.168.15.1 interface Dialer0
!
access-list 1 permit 192.168.15.0 255.255.255.0
dialer-list 1 protocol ip permit
!
!
control-plane
!
!
line con 0
exec-timeout 120 0
login local
no modem enable
stopbits 1
line aux 0
line vty 0 4
access-class 23 in
exec-timeout 120 0
login local
length 0
!
scheduler max-task-time 5000
no rcapi server
!
!
end
.
- Follow-Ups:
- References:
- Prev by Date: Re: CiscoSecure ACS v. 3.3 user TACACS+ password choice defaults not LDAP
- Next by Date: Re: does anyone use anycast
- Previous by thread: Access from internal hosts to internal servers using external address
- Next by thread: Re: Access from internal hosts to internal servers using external address
- Index(es):
Relevant Pages
|
