Routing to public IP of NAT address from internal NAT address

Discussion in 'Cisco' started by Andrew Albert, Feb 6, 2005.

  1. Having an issue routing to the public ip space 207.19.124.249 from an
    internal ip of 10.0.0.105 .... The 207.19.124.249 ip maps to 10.0.0.4.
    etc.....

    So from inside, if the user goes to 207.19.124.249 it never makes it
    back inside..... From outside you can get to it no problem.

    Thank you ahead of time,

    Andy


    Here is the config



    version 12.3
    no service pad
    service timestamps debug datetime localtime show-timezone
    service timestamps log datetime localtime show-timezone
    no service password-encryption
    !
    hostname nyc_router
    !
    boot-start-marker
    boot-end-marker
    !
    logging buffered 10000 debugging
    no logging console
    enable password becareful
    !
    clock timezone UTC -5
    clock summer-time UTC recurring
    no aaa new-model
    ip subnet-zero
    ip cef
    !
    !
    ip domain name nycdomain.com
    ip name-server 183.30.1.1
    ip dhcp excluded-address 10.0.0.1 10.0.0.99
    ip dhcp excluded-address 10.0.0.200 10.0.0.254
    !
    ip dhcp pool 100
    network 10.0.0.0 255.255.255.0
    default-router 10.0.0.1
    dns-server 10.0.0.4 199.72.1.1
    !
    ip audit po max-events 100
    ip audit name INFO4U info action alarm
    ip audit name ATTACK4U attack action alarm
    vpdn enable
    !
    !
    !
    !
    voice call carrier capacity active
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    interface FastEthernet0/0
    ip address 10.0.0.1 255.255.255.0
    ip nat inside
    duplex auto
    speed auto
    !
    interface Serial0/0
    description to PROVIDER
    bandwidth 768
    no ip address
    no ip redirects
    no ip proxy-arp
    encapsulation frame-relay IETF
    no ip mroute-cache
    priority-group 1
    service-module t1 timeslots 12-23
    frame-relay lmi-type ansi
    !
    interface Serial0/0.1 point-to-point
    bandwidth 768
    ip address 207.19.124.254 255.255.255.252
    ip nat outside
    frame-relay interface-dlci 886 IETF
    !
    interface FastEthernet0/1
    no ip address
    shutdown
    duplex auto
    speed auto
    !
    ip nat pool ovrld 207.19.124.254 207.19.124.254 prefix-length 24
    ip nat inside source list 7 pool ovrld overload
    ip nat inside source static tcp 10.0.0.25 25 207.19.124.249 25
    extendable
    ip nat inside source static 10.0.0.250 207.19.124.250
    ip nat inside source static tcp 10.0.0.25 22 207.19.124.249 22
    extendable
    ip nat inside source static tcp 10.0.0.25 9090 207.19.124.249 9090
    extendable
    ip nat inside source static tcp 10.0.0.4 80 207.19.124.249 80
    extendable
    ip nat inside source static tcp 10.0.0.4 3389 207.19.124.249 3389
    extendable
    no ip http server
    no ip http secure-server
    ip classless
    ip route 0.0.0.0 0.0.0.0 207.19.124.253
    !
    !
    access-list 7 permit 10.0.0.0 0.0.0.255
    access-list 10 permit 10.0.0.250
    access-list 11 permit 10.0.0.4
    access-list 12 permit 10.0.0.2
    access-list 25 permit 10.0.0.25
    access-list 103 permit ip any any dscp cs1
    access-list 103 permit ip any any dscp af13
    access-list 103 permit ip any any dscp cs1 log
    access-list 103 permit ip any any dscp af13 log
    access-list 104 remark - Outbound passthrough for priority-list ping
    access-list 104 permit icmp any any
    priority-list 1 protocol ip high list 10
    priority-list 1 protocol ip high udp 5060
    priority-list 1 protocol ip high tcp 5298
    priority-list 1 protocol ip high udp 5298
    priority-list 1 protocol ip high udp 5678
    priority-list 1 protocol ip high udp 5363
    priority-list 1 protocol ip high list 11
    priority-list 1 protocol ip low list 12
    priority-list 1 protocol ip high tcp 22
    priority-list 1 protocol ip high tcp telnet
    priority-list 1 protocol ip medium tcp pop3
    priority-list 1 protocol ip normal tcp smtp
    priority-list 1 protocol ip medium tcp domain
    priority-list 1 protocol ip medium udp domain
    priority-list 1 protocol ip medium tcp www
    priority-list 1 protocol ip normal list 25
    priority-list 1 protocol ip medium tcp 443
    priority-list 1 protocol ip medium list 104
    priority-list 1 protocol ip normal tcp ftp
    priority-list 1 protocol ip high tcp 5060
    priority-list 1 protocol ip high udp 4569
    priority-list 1 protocol ip high udp 5004
    priority-list 1 protocol ip high udp 5036
    priority-list 1 protocol ip normal tcp 9090
    priority-list 1 default low
    !
    !
    !
    dial-peer cor custom
    !
    !
    !
    !
    !
    line con 0
    password sanitized
    login
    transport preferred none
    line aux 0
    password sanitized
    login
    transport preferred none
    line vty 0 4
    password sanitized
    login
    transport preferred none
    !
    ntp clock-period 17179469
    ntp server 198.72.72.10
    ntp server 131.144.4.9
    !
    end
     
    Andrew Albert, Feb 6, 2005
    #1
    1. Advertising

  2. Andrew Albert

    Rod Dorman Guest

    In article <>,
    Andrew Albert <> wrote:
    >Having an issue routing to the public ip space 207.19.124.249 from an
    >internal ip of 10.0.0.105 .... The 207.19.124.249 ip maps to 10.0.0.4.
    >etc.....
    >
    >So from inside, if the user goes to 207.19.124.249 it never makes it
    >back inside..... From outside you can get to it no problem.


    Use split DNS so an 'inside' lookup will return the 'inside' address.

    --
    -- Rod --
    rodd(at)polylogics(dot)com
     
    Rod Dorman, Feb 8, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.

Share This Page