Newbie: Cisco 800-series - Access internal server via external IP, when using NAT?

Discussion in 'Cisco' started by Jim Willsher, May 4, 2006.

  1. Jim Willsher

    Jim Willsher Guest

    Hi all,

    I've a newbie to Cisco, but somehow I've got my 837 ADSL router
    working - mostly!

    My router is 192.168.1.1. I have a server on the LAN as 192.168.1.150.
    I am using NAT.

    I have setup PAT so that web-traffic comes through to the router, and
    that is fine.

    When I try to access a website hosting on the internal server via the
    external address (or the domain name) I'm prompted to login to the
    router config!

    Using a local hosts file works, e.g. having host-entries, such as:

    192.168.1.150 www.bulkrenameutility.co.uk

    but is there a better way? I'd like to be able to access the sites via
    their normal domain name and IP, if possible.

    Many thanks,



    Jim
    Jim Willsher, May 4, 2006
    #1
    1. Advertising

  2. Jim Willsher

    Jim Willsher Guest

    On Thu, 04 May 2006 15:48:12 +0100, Jim Willsher <>
    wrote:

    >Hi all,
    >
    >I've a newbie to Cisco, but somehow I've got my 837 ADSL router
    >working - mostly!
    >
    >My router is 192.168.1.1. I have a server on the LAN as 192.168.1.150.
    >I am using NAT.
    >
    > I have setup PAT so that web-traffic comes through to the router, and
    >that is fine.
    >
    >When I try to access a website hosting on the internal server via the
    >external address (or the domain name) I'm prompted to login to the
    >router config!
    >
    >Using a local hosts file works, e.g. having host-entries, such as:
    >
    >192.168.1.150 www.bulkrenameutility.co.uk
    >
    >but is there a better way? I'd like to be able to access the sites via
    >their normal domain name and IP, if possible.
    >
    >Many thanks,
    >
    >
    >
    >Jim



    Can no-one help with this? I've googled for many different things,a nd
    from what I can tell it might involve either split DNS or loopback. I
    have no idea how to set up either!

    Basically, requests from an itnernal address to an external address,
    where that external address then gets PATted to an internal server,
    should work!

    Many thanks,


    Jim
    Jim Willsher, May 5, 2006
    #2
    1. Advertising

  3. Jim Willsher

    Peter Guest

    Hi Jim,

    > I've a newbie to Cisco, but somehow I've got my 837 ADSL router
    > working - mostly!

    ...

    > I'd like to be able to access the sites via
    > their normal domain name and IP, if possible.


    I am aware of 2 ways to do this -
    1. Use an "external reflector". EG for HTTP traffic this is an
    external Web Server that you use as a "proxy" to reach the External
    interface for your Web Server.
    2. An internal DNS that resolves the WAN DNS Name to the internal IP
    of the Server.

    Cheers.............pk.

    --
    Peter from Auckland.
    Peter, May 6, 2006
    #3
  4. Jim Willsher

    Jim Willsher Guest

    On 6 May 2006 16:21:59 +1200, "Peter" <> wrote:

    >Hi Jim,
    >
    >> I've a newbie to Cisco, but somehow I've got my 837 ADSL router
    >> working - mostly!

    > ...
    >
    >> I'd like to be able to access the sites via
    >> their normal domain name and IP, if possible.

    >
    >I am aware of 2 ways to do this -
    > 1. Use an "external reflector". EG for HTTP traffic this is an
    >external Web Server that you use as a "proxy" to reach the External
    >interface for your Web Server.
    > 2. An internal DNS that resolves the WAN DNS Name to the internal IP
    >of the Server.
    >
    >Cheers.............pk.



    Hi Peter,

    I'm not sure that either option is available to me, as it's just a
    small LAN I'm running, but I guess Option 2 is not too dissimilar to
    my current HOSTS solution.

    Many thanks anyway, I'll keep digging.



    Jim
    Jim Willsher, May 6, 2006
    #4
  5. Jim Willsher

    Peter Guest

    Hi Jim,

    > >I am aware of 2 ways to do this -
    > > 1. Use an "external reflector". EG for HTTP traffic this is an
    > >external Web Server that you use as a "proxy" to reach the External
    > >interface for your Web Server.
    > > 2. An internal DNS that resolves the WAN DNS Name to the internal IP
    > >of the Server.
    > >


    > I'm not sure that either option is available to me, as it's just a
    > small LAN I'm running, but I guess Option 2 is not too dissimilar to
    > my current HOSTS solution.


    You may be surprised at how easy it is to find something for Option 1,
    I found it VERY easy down here in NZ. You can often even use your
    local ISP's proxy for the task (many ISP's have a transparent proxy
    anyway), its often just a case of "do they allow their own IP address
    ranges to be the target of their proxy?" and "do they allow their
    customers to run servers in this configuration".......;-). You could
    even be real sneaky and also specifically target another ISP's proxy.
    If you have a "local" community of users you may find they can answer
    this for you.

    Yes, Option 2 can be done using a simple "hosts" file. I actually have
    both methods configured locally for access to my own Web Server behind
    a Cisco 827.



    >
    > Many thanks anyway, I'll keep digging.
    >
    >
    >
    > Jim



    --
    Peter from Auckland.
    Peter, May 6, 2006
    #5
  6. Jim Willsher

    Jim Willsher Guest

    On 7 May 2006 10:52:03 +1200, "Peter" <> wrote:

    >Hi Jim,
    >
    >> >I am aware of 2 ways to do this -
    >> > 1. Use an "external reflector". EG for HTTP traffic this is an
    >> >external Web Server that you use as a "proxy" to reach the External
    >> >interface for your Web Server.
    >> > 2. An internal DNS that resolves the WAN DNS Name to the internal IP
    >> >of the Server.
    >> >

    >
    >> I'm not sure that either option is available to me, as it's just a
    >> small LAN I'm running, but I guess Option 2 is not too dissimilar to
    >> my current HOSTS solution.

    >
    >You may be surprised at how easy it is to find something for Option 1,
    >I found it VERY easy down here in NZ. You can often even use your
    >local ISP's proxy for the task (many ISP's have a transparent proxy
    >anyway), its often just a case of "do they allow their own IP address
    >ranges to be the target of their proxy?" and "do they allow their
    >customers to run servers in this configuration".......;-). You could
    >even be real sneaky and also specifically target another ISP's proxy.
    >If you have a "local" community of users you may find they can answer
    >this for you.
    >
    >Yes, Option 2 can be done using a simple "hosts" file. I actually have
    >both methods configured locally for access to my own Web Server behind
    >a Cisco 827.
    >
    >
    >
    >>
    >> Many thanks anyway, I'll keep digging.
    >>
    >>
    >>
    >> Jim



    Okay, I found the definitive answer to this.

    http://www.cisco.com/en/US/products/sw/iosswrel/ps5413/prod_release_note09186a0080457818.html

    The feature is called "Inside to Inside NAT - NAT Virtual Interface
    Support".

    I need the 12.3(11)YS release of the IOS. Unfortunately my router only
    has 48MB of memory (max), and this release requires 64MB. So at least
    I now know that this setup can be achieved, but only using a 64MB
    router with 12.3(11)YS or later.



    Jim
    Jim Willsher, May 12, 2006
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. JoelSeph
    Replies:
    9
    Views:
    6,633
    JoelSeph
    Jan 23, 2006
  2. [BnH]
    Replies:
    3
    Views:
    423
    Walter Hofmann
    Sep 24, 2005
  3. Bob
    Replies:
    0
    Views:
    505
  4. HangaS
    Replies:
    2
    Views:
    879
    HangaS
    Apr 19, 2007
  5. dcpearso
    Replies:
    3
    Views:
    1,909
    dcpearso
    Mar 23, 2008
Loading...

Share This Page