Newbie: Cisco 800-series - Access internal server via external IP, when using NAT?

Discussion in 'Cisco' started by Jim Willsher, May 4, 2006.

  1. Jim Willsher

    Jim Willsher Guest

    Hi all,

    I've a newbie to Cisco, but somehow I've got my 837 ADSL router
    working - mostly!

    My router is I have a server on the LAN as
    I am using NAT.

    I have setup PAT so that web-traffic comes through to the router, and
    that is fine.

    When I try to access a website hosting on the internal server via the
    external address (or the domain name) I'm prompted to login to the
    router config!

    Using a local hosts file works, e.g. having host-entries, such as:

    but is there a better way? I'd like to be able to access the sites via
    their normal domain name and IP, if possible.

    Many thanks,

    Jim Willsher, May 4, 2006
    1. Advertisements

  2. Jim Willsher

    Jim Willsher Guest

    Can no-one help with this? I've googled for many different things,a nd
    from what I can tell it might involve either split DNS or loopback. I
    have no idea how to set up either!

    Basically, requests from an itnernal address to an external address,
    where that external address then gets PATted to an internal server,
    should work!

    Many thanks,

    Jim Willsher, May 5, 2006
    1. Advertisements

  3. Jim Willsher

    Peter Guest

    Hi Jim,
    I am aware of 2 ways to do this -
    1. Use an "external reflector". EG for HTTP traffic this is an
    external Web Server that you use as a "proxy" to reach the External
    interface for your Web Server.
    2. An internal DNS that resolves the WAN DNS Name to the internal IP
    of the Server.
    Peter, May 6, 2006
  4. Jim Willsher

    Jim Willsher Guest

    Hi Peter,

    I'm not sure that either option is available to me, as it's just a
    small LAN I'm running, but I guess Option 2 is not too dissimilar to
    my current HOSTS solution.

    Many thanks anyway, I'll keep digging.

    Jim Willsher, May 6, 2006
  5. Jim Willsher

    Peter Guest

    Hi Jim,
    You may be surprised at how easy it is to find something for Option 1,
    I found it VERY easy down here in NZ. You can often even use your
    local ISP's proxy for the task (many ISP's have a transparent proxy
    anyway), its often just a case of "do they allow their own IP address
    ranges to be the target of their proxy?" and "do they allow their
    customers to run servers in this configuration".......;-). You could
    even be real sneaky and also specifically target another ISP's proxy.
    If you have a "local" community of users you may find they can answer
    this for you.

    Yes, Option 2 can be done using a simple "hosts" file. I actually have
    both methods configured locally for access to my own Web Server behind
    a Cisco 827.
    Peter, May 6, 2006
  6. Jim Willsher

    Jim Willsher Guest

    Okay, I found the definitive answer to this.

    The feature is called "Inside to Inside NAT - NAT Virtual Interface

    I need the 12.3(11)YS release of the IOS. Unfortunately my router only
    has 48MB of memory (max), and this release requires 64MB. So at least
    I now know that this setup can be achieved, but only using a 64MB
    router with 12.3(11)YS or later.

    Jim Willsher, May 12, 2006
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.