837. Unable to see internal web server from internal server.

Discussion in 'Cisco' started by eric the brave, Mar 5, 2006.

  1. I have a Cisco 837 and have set up NAT to allow the outside to access a
    web server. This works, however other computers on the inside get
    "connection was refused" when trying to access it.

    show config
    Using 4406 out of 131072 bytes
    !
    version 12.3
    no service pad
    service timestamps debug datetime msec show-timezone
    service timestamps log datetime msec show-timezone
    service password-encryption
    !
    hostname router
    !
    no logging buffered
    no logging console
    enable secret 5 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    !
    username router password 7 XXXXXXXXXXXXXXXXXX
    no aaa new-model
    ip subnet-zero
    ip name-server 194.247.47.47
    ip name-server 194.247.40.126
    ip dhcp excluded-address 192.168.1.1 192.168.1.199
    ip dhcp excluded-address 192.168.1.211 192.168.1.254
    ip dhcp excluded-address 192.168.1.1
    !
    ip dhcp pool CLIENT
    import all
    network 192.168.1.0 255.255.255.0
    default-router 192.168.1.1
    domain-name XXXXX.co.uk
    lease 0 2
    !
    !
    ip inspect name myfw cuseeme timeout 3600
    ip inspect name myfw ftp timeout 3600
    ip inspect name myfw rcmd timeout 3600
    ip inspect name myfw realaudio timeout 3600
    ip inspect name myfw smtp timeout 3600
    ip inspect name myfw tftp timeout 30
    ip inspect name myfw udp timeout 15
    ip inspect name myfw tcp timeout 3600
    ip inspect name myfw h323 timeout 3600
    ip audit notify log
    ip audit po max-events 100
    no ftp-server write-enable
    !
    !
    !
    !
    !
    !
    !
    interface Ethernet0
    description CRWS Generated text. Please do not delete this:192.168.1.1-255.255.255.0
    ip address 192.168.1.1 255.255.255.0
    ip access-group 122 out
    ip nat inside
    no ip mroute-cache
    hold-queue 100 out
    !
    interface ATM0
    no ip address
    no ip mroute-cache
    atm vc-per-vp 64
    no atm ilmi-keepalive
    pvc 0/38
    encapsulation aal5mux ppp dialer
    dialer pool-member 1
    !
    dsl operating-mode auto
    !
    interface FastEthernet1
    no ip address
    duplex auto
    speed auto
    !
    interface FastEthernet2
    no ip address
    duplex auto
    speed auto
    !
    interface FastEthernet3
    no ip address
    duplex auto
    speed auto
    !
    interface FastEthernet4
    no ip address
    duplex auto
    speed auto
    !
    interface Dialer1
    ip address negotiated
    ip access-group 111 in
    ip nat outside
    ip inspect myfw out
    encapsulation ppp
    dialer pool 1
    dialer-group 1
    ppp authentication chap pap callin
    ppp chap hostname
    ppp chap password 7 XXXXXXXXXXXXXXXXXXx
    ppp pap sent-username password 7 XXXXXXXXXXXXXXXXXXXXX
    ppp ipcp dns request ppp ipcp wins request
    hold-queue 224 in
    !
    ip nat inside source list 102 interface Dialer1 overload ip nat inside
    source static tcp 192.168.1.3 25 interface Dialer1 25 ip nat inside source
    static tcp 192.168.1.3 80 interface Dialer1 80 ip nat inside source static
    tcp 192.168.1.3 22 interface Dialer1 22 ip nat inside source static tcp
    192.168.1.3 8888 interface Dialer1 8888 ip nat inside source static tcp
    192.168.1.3 6789 interface Dialer1 6789 ip classless ip route 0.0.0.0
    0.0.0.0 Dialer1
    no ip http server
    no ip http secure-server
    !
    logging trap debugging
    logging facility local4
    logging 192.168.1.3
    access-list 102 remark permit internal network internet access access-list
    102 permit ip 192.168.1.0 0.0.0.255 any access-list 111 remark Deny
    traffic from a major SPYWARE Company access-list 111 deny ip
    207.246.124.0 0.0.0.255 any access-list 111 deny tcp any any eq telnet
    access-list 111 permit icmp any any administratively-prohibited
    access-list 111 permit icmp any any echo-reply access-list 111 permit icmp
    any any packet-too-big access-list 111 permit icmp any any time-exceeded
    access-list 111 permit icmp any any traceroute access-list 111 permit icmp
    any any unreachable access-list 111 permit udp any eq bootps any eq bootpc
    access-list 111 permit udp any eq bootps any eq bootps access-list 111
    permit udp any eq domain any access-list 111 permit esp any any
    access-list 111 permit udp any any eq isakmp access-list 111 permit tcp
    any any eq www access-list 111 permit tcp any any eq 6789 access-list 111
    permit tcp any any eq 8888 access-list 111 permit tcp any any eq 22
    access-list 111 permit tcp any any eq smtp access-list 111 permit tcp any
    any eq 139 access-list 111 permit udp any any eq netbios-ns access-list
    111 permit udp any any eq netbios-dgm access-list 111 permit gre any any
    access-list 111 remark Block all Outside traffic In access-list 111 deny
    ip any any
    access-list 122 remark permit internal network internet access access-list
    122 permit ip any any
    dialer-list 1 protocol ip permit
    !
    line con 0
    exec-timeout 120 0
    no modem enable
    stopbits 1
    line aux 0
    line vty 0 4
    access-class 23 in
    exec-timeout 120 0
    login local
    length 0
    !
    scheduler max-task-time 5000
    !
    end




    --
    SimonB
     
    eric the brave, Mar 5, 2006
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?Sm9obiBN?=

    Unable to see machines on the ethernet; Unable to find printers

    =?Utf-8?B?Sm9obiBN?=, Jun 6, 2005, in forum: Wireless Networking
    Replies:
    1
    Views:
    933
    Jack \(MVP\)
    Jun 7, 2005
  2. Confused

    Cisco 837-837 VPN

    Confused, Jul 9, 2003, in forum: Cisco
    Replies:
    0
    Views:
    1,773
    Confused
    Jul 9, 2003
  3. Suppa Lamah
    Replies:
    8
    Views:
    1,650
  4. Richard Antony Burton
    Replies:
    0
    Views:
    6,234
    Richard Antony Burton
    Jan 5, 2004
  5. Replies:
    4
    Views:
    4,208
Loading...

Share This Page