troubleshooting Question

How do I allow requests from my private network to come through my plublic address

Avatar of Arthur_Mino
Arthur_MinoFlag for Australia asked on
RoutersCiscoNetwork Architecture
20 Comments1 Solution1549 ViewsLast Modified:
G'day,

I hope someone can help me.

I have a private network: 192.168.1/24
I have a single public static IP address from my ADSL ISP.
I have a server which hosts a DNS with a private address 192.168.1.10 in my private network.
I have created a NAT 1:1 to my private server 192.168.1.10 to my public IP.

The requests from the internet work fine, my DNS resolve to my public IP address fine.

BUT

Requests from my private network 192.168.1/24 point to my public IP address which my router  does not to put them through to my server.

I know this can be done from the router without having to change host files or dns settings.

I'm sure it has something to do with my nat 1:1 on a stick.



Any assistance apreciated.

Cheers,

Arthur.


!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname tom
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
enable secret 5 $1$zAz8$tYsE9wPlhI1
!
no aaa new-model
clock timezone PCTime 10
clock summer-time PCTime date Mar 30 2003 3:00 Oct 26 2003 2:00
!
!
!
crypto pki trustpoint TP-self-signed-823780784
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-823780784
 revocation-check none
 rsakeypair TP-self-signed-823780784
!
!
crypto pki certificate chain TP-self-signed-823780784
 certificate self-signed 01
  3082024D 308201B6 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
 03550403 1325494F
  532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3832 33373830
  37383430 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
  B89B51BD 
        quit
no ip source-route
ip cef
!
!
no ip bootp server
no ip domain lookup
ip domain name tom.com
!
!
!
username admin privilege 15 secret 5 $1elk$rfhj##$%%Ukm/
archive
 log config
  hidekeys
!
!
!
!
!
interface ATM0
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 no atm ilmi-keepalive
 dsl operating-mode auto
!
interface ATM0.1 point-to-point
 description $ES_WAN$$FW_OUTSIDE$
 no snmp trap link-status
 pvc 8/35
  pppoe-client dial-pool-number 1
 !
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
 ip address 192.168.1.1 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1412
!
interface Dialer0
 ip address negotiated
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1452
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 no cdp enable
 ppp authentication chap pap callin
 ppp chap hostname ppoe@isp.com
 ppp chap password 7 104F0D34534kj3435kmo4uhiu3
 ppp pap sent-username pppoe@isp.com password 7 0D5200
!
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static 192.168.1.10 59.167.231.151
!
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 192.168.1.0 0.0.0.255
dialer-list 1 protocol ip permit
no cdp run
!
!
!
control-plane
!
banner exec ^C
% Password expiration warning.
 
^C
banner login ^CAuthorized access only!
 Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
 login local
 no modem enable
 speed 115200
line aux 0
line vty 0 4
 privilege level 15
 login local
 transport input telnet ssh
!
scheduler max-task-time 5000
 
!
webvpn cef
end
ASKER CERTIFIED SOLUTION
Jody Lemoine
Network Architect

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 20 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 20 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros