configuration challenge

Discussion in 'Cisco' started by hbush, Jun 23, 2005.

  1. hbush

    hbush Guest

    Folks,
    I need some help with a configuration on a 2610.
    interface s0->isp/t1 e0->lan.
    The config follows. The problem is this. Researchers on the lan need to
    access a website, which is hosted internally and accessed by users on
    the internet through the router with this statement -
    ip nat inside source static 192.168.100.220 12.42.40.245 from outside
    the router. The researchers need to do this as they send page access
    information (hyperlink) in an e-mail which clients click for easy
    access. They need to test this hyperlink as if they are a client to
    make sure the hyperlink is correct. Consequently, they can't just use
    the lan ip for access to the server. I need to have their http request
    go out and resolve on the AT&T dns servers and come back in. I'm
    probably not stating this clearly. if not please respond and I'll try
    again. thanks!!
    (This has been a bad couple of weeks as I inadvertently named an
    MS/win2k3 domain the same name(exactly) as the clients web domain. I'm
    learning more about dns on a win server than I ever wanted to know. The
    Microsoft tech guy was nice enough not to humiliate me for making such
    an inane mistake) So any help will be appreciated with the cisco issue.

    config for 2610
    show run
    Building configuration...

    Current configuration : 2317 bytes
    !
    version 12.3
    service timestamps debug datetime msec
    service timestamps log datetime msec

    !
    hostname Cisco2610
    !
    boot-start-marker
    boot-end-marker
    !
    enable secret
    enable password
    !
    no aaa new-model
    ip subnet-zero
    !
    !
    !
    ip inspect name ethernet_0_0 ftp
    ip inspect name Ethernet_0_0 smtp
    ip inspect name Ethernet_0_0 udp
    ip inspect name Ethernet_0_0 tcp
    ip audit notify log
    ip audit po max-events 100
    !

    !
    interface Ethernet0/0
    description Connected to Ethernet Lan
    ip address 192.168.100.180 255.255.255.0
    ip nat inside
    no ip mroute-cache
    full-duplex
    no cdp enable
    !
    interface Serial0/0
    description connected to Internet
    ip address 12.124.197.158 255.255.255.252
    ip access-group 101 in
    ip nat outside
    encapsulation ppp
    no ip mroute-cache
    service-module t1 remote-alarm-enable
    !
    interface Ethernet0/1
    no ip address
    shutdown
    half-duplex
    !
    ip nat inside source list 2 interface Serial0/0 overload
    ip nat inside source static 192.168.100.230 12.42.40.250
    ip nat inside source static 192.168.100.216 12.42.40.249
    ip nat inside source static 192.168.100.217 12.42.40.248
    ip nat inside source static 192.168.100.218 12.42.40.247
    ip nat inside source static 192.168.100.219 12.42.40.246
    ip nat inside source static 192.168.100.220 12.42.40.245
    ip nat inside source static 192.168.100.231 12.42.40.244
    ip nat inside source static 192.168.100.215 12.42.40.243
    no ip http server
    no ip http secure-server
    ip classless
    ip route 0.0.0.0 0.0.0.0 12.124.197.157
    !
    !
    access-list 2 permit 192.168.100.0 0.0.0.255
    access-list 101 permit tcp any host 12.124.197.158 eq telnet
    access-list 101 permit icmp any any echo
    access-list 101 permit icmp any any echo-reply
    access-list 101 permit tcp any any established
    access-list 101 permit tcp any any eq www
    access-list 101 permit tcp any any eq smtp
    access-list 101 permit tcp any any eq pop3
    access-list 101 permit tcp any any eq ftp-data
    access-list 101 permit tcp any any eq ftp
    access-list 101 permit udp any eq domain any
    access-list 101 permit tcp any gt 1023 any eq ftp-data
    access-list 101 permit tcp any any gt 1023
    !
    snmp-server community imagewerks RW
    snmp-server enable traps tty
    !
    !
    !
    !
    !
    line con 0
    line aux 0
    !
    !
    !
    end
     
    hbush, Jun 23, 2005
    #1
    1. Advertisements

  2. hbush

    Waqas Guest

    look if ur researchers are connecting to the hyperlink via the name u
    have registered to the AT&T DNS it should work fine. because the
    request will first go to the AT&T dns. and the AT&T dns will point it
    towards 12.42.40.245. so again the request from the researcher's PC
    will b directed towards the router to b routed. next the router will do
    nat and will send the request to the 192.168.100.220 and here the
    request will b completed.

    i think in this scenerio it should work fine. just tell ur researcher
    to use the name instead of ip 192.168.100.220 for connecting to the
    hyperlink.
     
    Waqas, Jun 23, 2005
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.