Newbie: Cisco 800-series - Access internal server via external IP, when using NAT?

Hi all,

I've a newbie to Cisco, but somehow I've got my 837 ADSL router
working - mostly!

My router is 192.168.1.1. I have a server on the LAN as 192.168.1.150.
I am using NAT.

I have setup PAT so that web-traffic comes through to the router, and
that is fine.

When I try to access a website hosting on the internal server via the
external address (or the domain name) I'm prompted to login to the
router config!

Using a local hosts file works, e.g. having host-entries, such as:

192.168.1.150 www.bulkrenameutility.co.uk

but is there a better way? I'd like to be able to access the sites via
their normal domain name and IP, if possible.

Many thanks,



Jim

 

Can no-one help with this? I've googled for many different things,a nd
from what I can tell it might involve either split DNS or loopback. I
have no idea how to set up either!

Basically, requests from an itnernal address to an external address,
where that external address then gets PATted to an internal server,
should work!

Many thanks,


Jim

 

Hi Jim,

I am aware of 2 ways to do this -
1. Use an "external reflector". EG for HTTP traffic this is an
external Web Server that you use as a "proxy" to reach the External
interface for your Web Server.
2. An internal DNS that resolves the WAN DNS Name to the internal IP
of the Server.

Cheers.............pk.

 

Hi Peter,

I'm not sure that either option is available to me, as it's just a
small LAN I'm running, but I guess Option 2 is not too dissimilar to
my current HOSTS solution.

Many thanks anyway, I'll keep digging.



Jim

 

Hi Jim,

You may be surprised at how easy it is to find something for Option 1,
I found it VERY easy down here in NZ. You can often even use your
local ISP's proxy for the task (many ISP's have a transparent proxy
anyway), its often just a case of "do they allow their own IP address
ranges to be the target of their proxy?" and "do they allow their
customers to run servers in this configuration".......;-). You could
even be real sneaky and also specifically target another ISP's proxy.
If you have a "local" community of users you may find they can answer
this for you.

Yes, Option 2 can be done using a simple "hosts" file. I actually have
both methods configured locally for access to my own Web Server behind
a Cisco 827.

 

Okay, I found the definitive answer to this.

http://www.cisco.com/en/US/products/sw/iosswrel/ps5413/prod_release_note09186a0080457818.html

The feature is called "Inside to Inside NAT - NAT Virtual Interface
Support".

I need the 12.3(11)YS release of the IOS. Unfortunately my router only
has 48MB of memory (max), and this release requires 64MB. So at least
I now know that this setup can be achieved, but only using a 64MB
router with 12.3(11)YS or later.



Jim