1. Home
  2. Cisco Systems
  3. Newbie: Cisco 800-series - Access internal server via external IP, when using NAT?

Newbie: Cisco 800-series - Access internal server via external IP, when using NAT?

Hi all,

I've a newbie to Cisco, but somehow I've got my 837 ADSL router working - mostly!

My router is 192.168.1.1. I have a server on the LAN as 192.168.1.150. I am using NAT.

I have setup PAT so that web-traffic comes through to the router, and that is fine.

When I try to access a website hosting on the internal server via the external address (or the domain name) I'm prompted to login to the router config!

Using a local hosts file works, e.g. having host-entries, such as:

192.168.1.150
formatting link

but is there a better way? I'd like to be able to access the sites via their normal domain name and IP, if possible.

Many thanks,

Jim

Reply to
Jim Willsher
Loading thread data ...

Can no-one help with this? I've googled for many different things,a nd from what I can tell it might involve either split DNS or loopback. I have no idea how to set up either!

Basically, requests from an itnernal address to an external address, where that external address then gets PATted to an internal server, should work!

Many thanks,

Jim

Reply to
Jim Willsher

Hi Jim,

...

I am aware of 2 ways to do this - 1. Use an "external reflector". EG for HTTP traffic this is an external Web Server that you use as a "proxy" to reach the External interface for your Web Server. 2. An internal DNS that resolves the WAN DNS Name to the internal IP of the Server.

Cheers.............pk.

Reply to
Peter

Hi Peter,

I'm not sure that either option is available to me, as it's just a small LAN I'm running, but I guess Option 2 is not too dissimilar to my current HOSTS solution.

Many thanks anyway, I'll keep digging.

Jim

Reply to
Jim Willsher

Hi Jim,

You may be surprised at how easy it is to find something for Option 1, I found it VERY easy down here in NZ. You can often even use your local ISP's proxy for the task (many ISP's have a transparent proxy anyway), its often just a case of "do they allow their own IP address ranges to be the target of their proxy?" and "do they allow their customers to run servers in this configuration".......;-). You could even be real sneaky and also specifically target another ISP's proxy. If you have a "local" community of users you may find they can answer this for you.

Yes, Option 2 can be done using a simple "hosts" file. I actually have both methods configured locally for access to my own Web Server behind a Cisco 827.

Reply to
Peter

Okay, I found the definitive answer to this.

formatting link
The feature is called "Inside to Inside NAT - NAT Virtual Interface Support".

I need the 12.3(11)YS release of the IOS. Unfortunately my router only has 48MB of memory (max), and this release requires 64MB. So at least I now know that this setup can be achieved, but only using a 64MB router with 12.3(11)YS or later.

Jim

Reply to
Jim Willsher

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.