NAT Hairpin Cisco IOS to access webserver on FQDN from LAN.

PDUK2173
PDUK2173 used Ask the Experts™
on
Hi,

Hope someone can help, I'm trying to setup NAT hairpinning on Cisco IOS version 15.4

The end users want to be able to access the web server hosted on their LAN using the public IP/FQDN.

Current static NAT rules

ip nat inside source static tcp <internalWebserverIP> 25 <PublicwebserverIP> 25 extendable
ip nat inside source static tcp <internalWebserverIP>80 <PublicwebserverIP> 80 extendable
ip nat inside source static tcp <internalWebserverIP> 443 <PublicwebserverIP> 443 extendable

Any help would be appreciated.


Thanks
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Network Architect
Commented:
If you use NAT Virtual Interface (NVI) on your router rather than traditional NAT, hairpinning will work.

Just replace all of your "ip nat inside" and "ip nat outside" commands on your interfaces with "ip nat enable" and the replace your global "ip nat inside source" commands with "ip nat source" ones to use the NVI method.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial