Solved

NAT problems on Cisco 890

Posted on 2010-11-15
10
1,175 Views
Last Modified: 2012-05-10
Hey everyone

Ok, here is the problem.

I have a CISCO 890 router and I can setup port forwarding and the people from the outside can get to the servers with no issues, but the people inside the network cannot get to the local server using the public IP address.  Now, here is where it gets tricky.

The server in question is an IP camera server, and so its not on the domain nor does it get its DNS from a local DNS server.  Of course, now that I mention all of that, I will have to ask the camera guy if the PC could join the domain and use the local DNS server.  But, if that cannot be done, is there a way to setup NAT loopback (if thats the proper term) on a CISCO 890?

Now, here is the crutch of it all.  Right now they have a RVO42 and it works fine.  They are trying to upgrade their router and the 890 was the one that they picked out.

Thanks for any help!!
0
Comment
Question by:jonmenefee
  • 6
  • 3
10 Comments
 
LVL 5

Expert Comment

by:mittermueller
ID: 34136935
Why not use a network name for the camera and configure your DNS to point to it?
0
 

Author Comment

by:jonmenefee
ID: 34136991
that would be a reverse setting right?  or a forwarding setting in the DNS?
0
 
LVL 5

Expert Comment

by:mittermueller
ID: 34137222
Forward - as your clients query camera_name.domain.local
0
 

Author Comment

by:jonmenefee
ID: 34167994
Naw, didnt work.  What I dont understand is this.  How can a Linksys RV042 router do this without making anything special, but a Cisco 892 cant do this?

Can anyone out there tell me this?
0
 
LVL 5

Expert Comment

by:mittermueller
ID: 34168204
What I do not understand: Why are you acessing it from internal with a public ip?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:jonmenefee
ID: 34168295
The camera system requires it. I asked the camera guy and he said that the software is setup that way. Is it dumb?  Yes
0
 
LVL 1

Expert Comment

by:danielc25
ID: 34168504
What is the local subnet and route information on the 890? Do you have seperate VLANs configured on the 890 for the inside networks?
0
 

Author Comment

by:jonmenefee
ID: 34168583
No. Same subnet. Should I put them on separate VLANS?  Damn. Didn't think of that. Local subnet is 192.168.1.0 - 255. The DHCP is from the router and is 50 - 255. Left the lower ones for the servers and printers.  I am on my cell now so I don't have the rest of the route configuration. I can post it here later
0
 

Accepted Solution

by:
jonmenefee earned 0 total points
ID: 34306954
Ok.  The customer came up with a solution.  They went ahead and purchased another Internet connection from Comcast.  They will put all of their security cameras and DVR one one network and their PC's, servers and printers on a separate one.  Made my life much easier :-)
0
 

Author Closing Comment

by:jonmenefee
ID: 34424548
Unfortunately I could not get an answer from here that would solve the problem
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Port 808 is being blocked 9 65
VIRL IP adress 3 58
Getting locked out and can't access Cisco via the web 18 40
Problem to router 7 21
While it is possible to put two routes in place with the secondary having a higher metric, this may not always work. In the event of a failure that does not bring down the physical interface on the router the primary route is not removed. There is a…
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now