Cisco Translation

Hi all,

I have a cisco translation problem that I need help with. If users from the inside LAN go to the external IP address(from web browser), they are met with cisco web interface. I need to translate the external IP(from inside LAN) to another internal IP address - for example if users go to external address of 194.110.xxx.xx from the inside LAN(using a browser) they are redirected to the inside IP address of (10.9.50.252) .

It works from the outside, as if I use the external IP address from another location, I get translated to the inside LAN IP, but it doesn't work when I try to connect to the outside IP aadress from the inside LAN. Any suggestions ?


Thanks in advance.
ht_compAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

rauenpcCommented:
What device will be doing the translation (make, model), and what version of code are you running?
0
MiftaulCommented:
Its called NAT reflection in Cisco and Loopback policy in Sonicwall.

NAT reflection is not supported in Cisco routers. But we can configure zones to achieve it on Cisco routers. In ASA/PIX its configurable because they are zone based.

Here is some good discussions, you might be interested in.

Link1 - NAT Reflection
Link2 - for ASA
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Soulja53 6F 75 6C 6A 61 Commented:
My question is why do you want internal users accessing the external ip address. Why not the internal?
0
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

MiftaulCommented:
We had a similar issue accessing a server behind sonicwall, we were using FQDN to access the server and the DNS didn't have split brain and was resolving to public IP and as a result, internal hosts from the LAN were unable to access the server using FQDN.

We actually did split brain so for for internal hosts dns resolved the FQDN to internal IP and not the public IP.
0
ht_compAuthor Commented:
We are using Cisco 891 with version 15.0(1)M4 so that probably rules out the zone based configuration.

We need the NAT reflection in 2 different ciscos actually (both 891).

In the first cisco we need internal users accessing the external IP because some mornings the DNS query redirects users onto the external IP instead of the internal IP and because of that the certification with the FQDN fails - I know, there must be a way to resolve the issue, rather than try to make a NAT reflection but I hope there's a way to do it with cisco as well.

In the second cisco, users on the Guest Wifi are not allowed to access internal IP-s but they sometime need access to resources such as ftp. They are redirected to the external IP, but because they can't access it from the internal LAN.
0
MiftaulCommented:
Have you tried configuring ZBF of 891.  You need to have zones for NAT reflection.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking Protocols

From novice to tech pro — start learning today.