Solved

Address Public IP internally CISCO SOHO 91

Posted on 2004-09-15
3
732 Views
Last Modified: 2008-03-03
What I'm needing to do is to be able address my Public IP from my internal clients.  I have a Cisco SOHO 91 router and I have the Public IP assigned to Ethernet1 and My Private IP assigned to Ethernet0.  I am able to ping my Public IP but am unable to connect to mail or http or any other service running on my server using the Public IP.  Here is my Current Config (where a.b.c.d is my Public IP):

Using 2603 out of 131072 bytes                              
!
version 12.2            
no service pad              
service timestamps debug uptime                              
service timestamps log uptime                            
service password-encryption                          
!
hostname Router              
!
logging queue-limit 100                      
clock timezone CST -6                    
ip subnet-zero              
!
!
!
!
!
!
!
!
!
interface Ethernet0                  
 description Interal LAN                        
 ip address 192.168.2.252 255.255.255.0                                      
 ip nat inside              
 no cdp enable              
 hold-queue 32 in                
 hold-queue 100 out                  
!
interface Ethernet1                  
 description Internet                    
 ip address a.b.c.d 255.255.255.0                                        
 ip nat outside              
 duplex auto            
 no cdp enable              
!
ip nat inside source list 102 interface Ethernet1 overload                                                          
ip nat inside source static tcp 192.168.2.1 25 a.b.c.d 25 extendable
ip nat inside source static tcp 192.168.2.1 21 a.b.c.d 21 extendable
ip nat inside source static tcp 192.168.2.1 80 a.b.c.d 80 extendable
ip nat inside source static tcp 192.168.2.1 443 a.b.c.d 443 extendable
ip nat inside source static tcp 192.168.2.2 53 a.b.c.d 53 extendable            
ip nat inside source static udp 192.168.2.1 7777 a.b.c.d 7777 extendable
ip classless            
ip route 0.0.0.0 0.0.0.0 a.b.c.254                                      
no ip http server                
no ip http secure-server                        
!
access-list 102 permit ip 192.168.2.0 0.0.0.255 any                                                  
!
line con 0          
 exec-timeout 120 0                  
 no modem e        
 no modem e        
line aux 0
 stopbits 1
line vty 0 4
 access-class 23 in
 exec-timeout 120 0
 login local
 length 0
!
scheduler max-task-time 5000
!
end
0
Comment
Question by:microbolt
  • 2
3 Comments
 
LVL 79

Expert Comment

by:lrmoore
Comment Utility
You have everything configured correctly.
Make sure that your servers and PC's are all pointing to the router's Ethernet address - 192.168.2.252 as their default gateway...
0
 
LVL 6

Author Comment

by:microbolt
Comment Utility
yep, all of my pc's have that as thier gateway, and i can access any other IP without any problems.  I think that maybe the cisco router is blocking me from going "out and back in" maybe as some kind of spoof protection.  Currently my cisco router is setup for NAT and I have a number of ports I have mapped internally to a server located at 192.168.2.1 (like port 80, 21, etc.)  What my goal is to be able to address my public IP form one of my internal pc and access a resorce located on my private server at 192.168.2.1.
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 300 total points
Comment Utility
>router is blocking me from going "out and back in"
EXACTLY. If you are trying to use an inside PC to access the public IP that is Nat'd back to another inside host.
There is no workaround other than to use a local hosts file or local DNS that resolves these hosts to their private inside IP address.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

New Server 172.16.200.2  was moved from behind Router R2 f0/1 to behind router R1 int f/01 and has now address 172.16.100.2. But we want users still to be able to connected to it by old IP. How to do it ? We can used destination NAT (DNAT).  In DNAT…
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

6 Experts available now in Live!

Get 1:1 Help Now