Solved

Local Loopback/Internet NAT redirection on Billion Biguard2

Posted on 2008-10-07
6
873 Views
Last Modified: 2012-05-05
I have an exchange 2007 activesync server set up on my internal network, with no Edge server. I have the push tech configured correctly, and users receive emails with no trouble externally. However, when they are on their local LAN using the mobile devices WiFi, they are unable to make a connection.

I understand this is due to Local Loopback not being enabled, or as Linksys call it, "Filter Internet NAT Redirection".

I know it is possible with DNS to set this up, but we have an external DNS server for our web domain. Which makes it a bit of a clunky solution.

Is it a case of setting up a static route? or maybe a bit more difficult?
0
Comment
Question by:Lucascadams
  • 3
  • 3
6 Comments
 
LVL 8

Accepted Solution

by:
Jay_Gridley earned 125 total points
ID: 22659243
I would say it's a bit more difficult. The problem is that you have (obviously) configured the external IP address through it's DNS name, let's call it pda.external.com.

The problem is that when your are inside your LAN it will try to connect to the external IP address from the inside, which is not supported.
DNS would be a solution as you could create a A-record with the same name (pda.external.com), but pointing it to the internal server in stead.
A route would not be a sollution to this problem.

If you do not have the ability to change the DNS records I wouldn't know an answer to this problem. You could try creating a DNS server for the sole purpose of hosting external.com ,but this could have unexpected problems to the rest of the network. This would for example mean that you would be unable to reach www.external.com from a pc on your local LAN, unless you create a A-record for this site as well. This might or might not be an option depending on the size of your network and the number of sites you need to reach on .external.com.

I hope this makes sense.

JG.
0
 

Author Comment

by:Lucascadams
ID: 22659533
Hmm,

How about this:

I can add another A record to the external DNS server like below, and then create a local copy of the DNS server on the internal network.

pda.company.co.uk in "external ip"
pda.company.co.uk in "local ip"

will they intefere with each other?
0
 

Author Comment

by:Lucascadams
ID: 22659562
The sort of solution I am looking for is to allow users inside the local network to access the server from the external network. I know it is possible on a Linksys router as I have done it before.

The DNS solution could work fine though.
0
MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

 
LVL 8

Expert Comment

by:Jay_Gridley
ID: 22659574
This would not work.
If you create 2 seperate A-records for the same DNS name they will perform "round robin", meaning they will perform a kind of 'load balancing' between the 2 addressess choosing either the one or the other.

Since the one is only available inside and the other outside this would not be what you're looking for.
0
 

Author Comment

by:Lucascadams
ID: 22667100
I managed to solve the problem.

My internet connection has a LAN IP which it gives my router, which is not my external IP address.

I set the WAN IP Alias setting on the router to my external IP address, and it allowed me to connect to my server internally, from the external address.


0
 
LVL 8

Expert Comment

by:Jay_Gridley
ID: 22667130
Good thinking. I'm glad you solved it!

JG
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question