Solved

HELP! Can't access webpage from behind router. Need help with cisco ios (maybe).

Posted on 2006-11-12
4
471 Views
Last Modified: 2012-06-27
Hi,

I've got a webserver set up behind a cisco 877 router. Everything works fine in that I can access the webpages from external networks (i.e. the internet). I can't however access the webpages from inside my network. Here's a little example to make things clearer:

[Webserver 10.5.5.20] ------------------ [Router 150.x.x.82] --------------- [Internet]
[Home Computer 10.5.6.x] --------/

So say someone tries to connect to my webpage foo.bar.com from the internet, the router will translate that domain's external IP address of 150.x.x.82 to 10.5.5.20 and they will be able to see the webpage.

But, say I want to access that webpage from my home computer, the domain will still resolve to 150.x.x.82, and my router will get confused. The reasons why are beyond me.

So far I have fixed the problem by having an internal DNS server which forwards all requests but the ones specific to my domain, *.bar.com. All requests to that domain will instead resolve to the internal webserver address of 10.5.5.20. This solution is however no longer feasible -- I no longer want to host my own DNS server.

A MORE IDEAL SOLUTION would be to have all packets destined for 150.x.x.82, but originating from my internal network (or address range 10.5.6.x), to be translated to 10.5.5.20. This would enable my home computers to access my webpage without disrupting access from the internet.

Now for the money question:

Is it possible with my cisco 877 (IOS 12.4) to use nat or routing or whatever, to have it translate requests for 150.x.x.82, from both the internet AND my internal IP address range, to 10.5.5.20??? i.e.

[internet] -------> 150.x.x.82 -----> [ router 150.x.x.82 ] ----> 10.5.5.20 ------> [Webserver 10.5.5.20]
                                                                             \<-------- 150.x.x.82 <-------[Home Computer 10.5.6.x]

And/or would this even work?

If you read this far, thank you very very much. I'd give you points just for that if I could....
0
Comment
Question by:nulldaemon
4 Comments
 
LVL 7

Accepted Solution

by:
dlangr earned 80 total points
Comment Utility
see "Inside to Inside NAT - NAT Virtual Interface Support" at http://www.cisco.com/en/US/products/sw/iosswrel/ps5413/prod_release_note09186a0080457818.html . Probably works for the 877 as well.
0
 
LVL 9

Assisted Solution

by:PeterMac
PeterMac earned 45 total points
Comment Utility
Without going into too much detail suspect using your router would not be possible - you would need multiple external IP addresses at minimum.

There is much easier way of replacing your internal DNS server if only Name you are interested in is your Webserver, and number of other PC's is limited.

Use Hosts File - In hosts file on each PC specify internal address of your Webserver against Domain Name - this will take precedence over externally resolved DNS for this address.
0
 

Author Comment

by:nulldaemon
Comment Utility
Sorry, I have found myself too busy to pursue this further. While inside to inside nat looks like the answer, it confuses me too much how to apply it to my situation. In regards to PeterMac's post, I already have multile external IP addresses (though I fail to see how this relevant) and already use the hosts file solution, though this is hardly suffificient.

Thank you both for your help, but I have no time to pursue this issue any further at this moment.
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Suggested Solutions

Occasionally you run into the website or two that will not resolve properly using your own DNS servers.  Some people simply set up global forwarders for their DNS server.  I don’t recommend doing this because it can cause problems resolving addresse…
Hi All,  Recently I have installed and configured a Sonicwall NS220 in the network as a firewall and Internet access gateway. All was working fine until users started reporting that they cannot use the Cisco VPN client to connect to the customer'…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now