Cisco Translation

Hi all,

I have a cisco translation problem that I need help with. If users from the inside LAN go to the external IP address(from web browser), they are met with cisco web interface. I need to translate the external IP(from inside LAN) to another internal IP address - for example if users go to external address of 194.110.xxx.xx from the inside LAN(using a browser) they are redirected to the inside IP address of (10.9.50.252) .

It works from the outside, as if I use the external IP address from another location, I get translated to the inside LAN IP, but it doesn't work when I try to connect to the outside IP aadress from the inside LAN. Any suggestions ?


Thanks in advance.
ht_compAsked:
Who is Participating?
 
MiftaulConnect With a Mentor Commented:
Its called NAT reflection in Cisco and Loopback policy in Sonicwall.

NAT reflection is not supported in Cisco routers. But we can configure zones to achieve it on Cisco routers. In ASA/PIX its configurable because they are zone based.

Here is some good discussions, you might be interested in.

Link1 - NAT Reflection
Link2 - for ASA
0
 
rauenpcCommented:
What device will be doing the translation (make, model), and what version of code are you running?
0
 
SouljaCommented:
My question is why do you want internal users accessing the external ip address. Why not the internal?
0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
MiftaulCommented:
We had a similar issue accessing a server behind sonicwall, we were using FQDN to access the server and the DNS didn't have split brain and was resolving to public IP and as a result, internal hosts from the LAN were unable to access the server using FQDN.

We actually did split brain so for for internal hosts dns resolved the FQDN to internal IP and not the public IP.
0
 
ht_compAuthor Commented:
We are using Cisco 891 with version 15.0(1)M4 so that probably rules out the zone based configuration.

We need the NAT reflection in 2 different ciscos actually (both 891).

In the first cisco we need internal users accessing the external IP because some mornings the DNS query redirects users onto the external IP instead of the internal IP and because of that the certification with the FQDN fails - I know, there must be a way to resolve the issue, rather than try to make a NAT reflection but I hope there's a way to do it with cisco as well.

In the second cisco, users on the Guest Wifi are not allowed to access internal IP-s but they sometime need access to resources such as ftp. They are redirected to the external IP, but because they can't access it from the internal LAN.
0
 
MiftaulCommented:
Have you tried configuring ZBF of 891.  You need to have zones for NAT reflection.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.