HTTP server

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View
I want to run a http server on my local lan , but accessible via the
internet.
My existing ethernet1 interface is  ip nat outside but to do this, would
  I also have to make it ip nat inside as well ?

I already configured ip http server, what else do I have to do ?


thanks

GC

Re: HTTP server
On Tue, 20 May 2008 22:41:44 +1200, Grant wrote:

Quoted text here. Click to load it

ip http server means you can access you ROUTER OR FIREWALL via http, not
internal server... Is it router or firewall you have? What IOS version?

Re: HTTP server
Quoted text here. Click to load it

Forget "ip http server".  That means that you are enabling the router to
provide a web page interface for administration.  It has nothing to do with
what you are doing and should be disabled to maintain good security.

You are correct, in order to have NAT enabled you must have both an "ip nat
outside" and an "ip nat inside".  You must also additionally create an
access-list, perhaps a standard IP access-list, to specify the range of
hosts which can use NAT and what external/global IP address to use in NAT.
Add this global configuration command after creating an access-list (I used
101 as an example):
     ip nat inside source list 101 interface Ethernet0 overload

Now that NAT is running, you must make a static translation for certian
traffic coming in from the outside to be redirected to your inside host.  In
my example, I specified that HTTP traffic, also known as TCP port 80, is
redirected to my example server of 192.168.1.5.  Since the ourside router
interface is using DHCP, I left the external/global IP address out and
instead specified the interface:
     ip nat inside source static tcp 192.168.1.5 80 interface Ethernet0 80

REVIEW:
This is how you enable NAT on a router:
 specify an access-list for the range of hosts to use NAT
 enter "ip nat inside" and "ip nat outside" on the appropriate interfaces
 enter the IP NAT command to bind the access-list of inside hosts and the
outside interface
 (optional) put any inbound TCP/UDP port translations in place to redirect
inbound traffic to an inside server

-----
Scott Perry
Indianapolis, IN



Site Timeline