Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Cisco Translation

Posted on 2014-02-25
6
510 Views
Last Modified: 2014-03-04
Hi all,

I have a cisco translation problem that I need help with. If users from the inside LAN go to the external IP address(from web browser), they are met with cisco web interface. I need to translate the external IP(from inside LAN) to another internal IP address - for example if users go to external address of 194.110.xxx.xx from the inside LAN(using a browser) they are redirected to the inside IP address of (10.9.50.252) .

It works from the outside, as if I use the external IP address from another location, I get translated to the inside LAN IP, but it doesn't work when I try to connect to the outside IP aadress from the inside LAN. Any suggestions ?


Thanks in advance.
0
Comment
Question by:ht_comp
6 Comments
 
LVL 20

Expert Comment

by:rauenpc
ID: 39885609
What device will be doing the translation (make, model), and what version of code are you running?
0
 
LVL 11

Accepted Solution

by:
Miftaul earned 500 total points
ID: 39885867
Its called NAT reflection in Cisco and Loopback policy in Sonicwall.

NAT reflection is not supported in Cisco routers. But we can configure zones to achieve it on Cisco routers. In ASA/PIX its configurable because they are zone based.

Here is some good discussions, you might be interested in.

Link1 - NAT Reflection
Link2 - for ASA
0
 
LVL 26

Expert Comment

by:Soulja
ID: 39885889
My question is why do you want internal users accessing the external ip address. Why not the internal?
0
Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

 
LVL 11

Expert Comment

by:Miftaul
ID: 39885931
We had a similar issue accessing a server behind sonicwall, we were using FQDN to access the server and the DNS didn't have split brain and was resolving to public IP and as a result, internal hosts from the LAN were unable to access the server using FQDN.

We actually did split brain so for for internal hosts dns resolved the FQDN to internal IP and not the public IP.
0
 

Author Comment

by:ht_comp
ID: 39891154
We are using Cisco 891 with version 15.0(1)M4 so that probably rules out the zone based configuration.

We need the NAT reflection in 2 different ciscos actually (both 891).

In the first cisco we need internal users accessing the external IP because some mornings the DNS query redirects users onto the external IP instead of the internal IP and because of that the certification with the FQDN fails - I know, there must be a way to resolve the issue, rather than try to make a NAT reflection but I hope there's a way to do it with cisco as well.

In the second cisco, users on the Guest Wifi are not allowed to access internal IP-s but they sometime need access to resources such as ftp. They are redirected to the external IP, but because they can't access it from the internal LAN.
0
 
LVL 11

Expert Comment

by:Miftaul
ID: 39891299
Have you tried configuring ZBF of 891.  You need to have zones for NAT reflection.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Port Forwarding on Cisco 881 14 63
Setting up static routes to  sonicwll 4 72
Public IP Address - Subnet 4 35
Cisco WRVS4400N 11 37
We've been using the Cisco/Linksys RV042 for years as: - an internet Gateway - a site-to-site VPN device - a leased line site-to-site subnet-to-subnet interface (And, here I'm assuming that any RV0xx behaves the same way as an RV042.  So that's …
This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question