problems forwarding http to PC

using the cisco 831 on a verizon dsl connect to the internet ...

just experimenting, I dont have a static IP address, I am setting up one of my W2K PCs as a web server.

pca - 10.10.10.2 pcb - 10.10.10.3 ( is the web server )

on my local lan, from 10.10.10.2, I can browse to a web page on

10.10.10.3: http://10.10.10.3/demosite/page1.aspx So I config PAT on the cisco: configuation - PAT - enable PAT is checked - in the row for HTTP, port number 80, I enter 10.10.10.3, then click "apply"

to verify the port forwarding, at the router service port, I run:

Router>show ip nat translations Pro Inside global Inside local Outside local Outside global tcp 155.196.123.167:80 10.10.10.3:80 --- --- tcp 155.196.123.167:3008 10.10.10.160:3008 --- ---

But it is not working!!

from pc2, I browse to the web site using the public ip address: http://155.196.123.167/demosite/page1.aspx I get a windows network login ( why do I get a login prompt? )

I key in the router user name and password

the the browser displays: "page cannot be found"

any help is appreciated. Why can I browse to my web site on the local lan, but not get to it thru the public IP?

Can I put the cisco 831 router is some sort of mode where it logs all the traffic it is receiving and tells me what it is doing with that traffic.

So far, I cannot get port forwarding to work at all on this router ( or the router before it ). Is there someting I should talk to verizon about?

thanks,

-Steve

Reply to
Steve Richter
Loading thread data ...

here is some more info. I dont need an access list, right? When the access list is not set, that means all traffic is passed?

the "debug packet" command looks like something I would like to run to help troubleshoot my port forwarding problem. But the 831 router says that command is not found.

How do I get the 831 router to help me troubleshoot this problem. I cant forward http ( port 80 ) to my local PC.

thanks,

-Steve

Router>show ip nat translations Pro Inside global Inside local Outside local Outside global tcp xxx.xxx.121.160:80 10.10.10.3:80 --- --- tcp xxx.xxx.121.160:3008 10.10.10.160:3008 --- ---

Router>show ip interface Dialer1 is up, line protocol is up Internet address is xxx.xxx.121.160/32 Broadcast address is 255.255.255.255 Address determined by BOOTP MTU is 1492 bytes Helper address is not set Directed broadcast forwarding is disabled Outgoing access list is not set Inbound access list is not set Proxy ARP is enabled Local Proxy ARP is disabled Security level is default Split horizon is enabled ICMP redirects are always sent ICMP unreachables are always sent ICMP mask replies are never sent IP fast switching is enabled IP fast switching on the same interface is enabled IP Flow switching is disabled IP CEF switching is disabled IP Feature Fast switching turbo vector IP multicast fast switching is enabled IP multicast distributed fast switching is disabled

Steve Richter wrote:

Reply to
Steve Richter

I don't know the 831 (I'm still stuck with ISDN), but here are some commands that work on my 804:

// IP cache operations debug ip cache // Dynamic Host Configuration Protocol debug ip dhcp // IP error debugging debug ip error // FTP dialogue debug ip ftp // HTTP connections debug ip http // ICMP transactions debug ip icmp // IGRP information debug ip igrp // IP multicast packet debugging debug ip mpacket // NAT events (forwarded packets only) debug ip nat // General IP debugging and IPSO security transactions debug ip packet // (selected packets only) debug ip packet [access-list#] // (show source/dest port) debug ip packet detail // IP peer address activity debug ip peer // RIP protocol transactions debug ip rip // Routing table events debug ip routing // RTP information debug ip rtp // IP security options debug ip security // Socket event debug ip socket // TCP information debug ip tcp debug ip tcp driver-pak debug ip tcp packet debug ip tcp sack debug ip tcp transactions // IP temporary ACL debug ip tempacl // UDP based transactions debug ip udp

As the note says, "debug ip nat" only shows you the packets that get NATted, not the ones you hoped were going to but didn't.

Commands like "debug ip packet detail" can produce a _lot_ of output. Be careful not to trigger too much activity while they are on...

Loren

Reply to
Loren Amelang

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.