brithol
asked on
port 80 not working trough nat
Hi,
we have a network from 192.168.0.0-192.168.15.254
so in the other network they have one more router where it connects to their internal network to the network 10.20.x.x, and they have made a nat to port 80 where if I put the IP 10.10.120.254 it should connect to their webserver.
But the problem is when I try to connect to port 80 it doesnt connects, but I can ping both ip addresses the 10.10.120.254 and the 10.20.x.x
I tried to understand what can be the problem as if I put a router that is not connected to my network I can open the website trough port 80, but when I put the connection trough the network I cant open it...
Please help as I dont have more clues...By the way the hardware of routers is CISCO.
Regards
Joel
we have a network from 192.168.0.0-192.168.15.254
so in the other network they have one more router where it connects to their internal network to the network 10.20.x.x, and they have made a nat to port 80 where if I put the IP 10.10.120.254 it should connect to their webserver.
But the problem is when I try to connect to port 80 it doesnt connects, but I can ping both ip addresses the 10.10.120.254 and the 10.20.x.x
I tried to understand what can be the problem as if I put a router that is not connected to my network I can open the website trough port 80, but when I put the connection trough the network I cant open it...
Please help as I dont have more clues...By the way the hardware of routers is CISCO.
Regards
Joel
ASKER
When we put a machin in the network 10.10.120.254 I can reach their webserver with no problem...
But when we go and put it in our network it simple dont work...
Can it be that their have a similar internal network like ours 192.168.x.x?
But when we go and put it in our network it simple dont work...
Can it be that their have a similar internal network like ours 192.168.x.x?
Yes.. if your network is 192.168.x.x and they have a local 192.168.x.x network, the problem is that return traffic from the server is going to return to THEIR 192 network, because the source address isn't changed in your request to their server.
There are several different ways to fix it, but I'm not sure we have enough detail of your network, and the one you're connecting to, to really be helpful.. The short version is that to not do any more complicated NAT configuration, there has to be a route to get from their web server all the way back to your machine, with all the routers along the way not having a route to a different network with the same address. This means that perhaps if you could get a network number that they're not using, and you could use that network, and they could inject a route to you into their routing protocol (or use static routes if it's small) then you could get it to work that way, otherwise you're probably going to have to do some source address NATting..
There are several different ways to fix it, but I'm not sure we have enough detail of your network, and the one you're connecting to, to really be helpful.. The short version is that to not do any more complicated NAT configuration, there has to be a route to get from their web server all the way back to your machine, with all the routers along the way not having a route to a different network with the same address. This means that perhaps if you could get a network number that they're not using, and you could use that network, and they could inject a route to you into their routing protocol (or use static routes if it's small) then you could get it to work that way, otherwise you're probably going to have to do some source address NATting..
ASKER
wich details you need?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The first step would be to test each half.
Put a machine in their network on the 10.10.120.X network and see if you can get to the machine from there.
Then turn on a web server on that machine and see if you can access it from your network.
You might have to adjust their NAT to point to your new server instead of their one.
You can also check the routing back again by pinging from the web server back to your network.