[Config] NAT static - dslreports.com

Author	All Replies
khuyenht join:2008-05-15	[Config] NAT static Hi all, My company has 1 web server for test, I am using the cisco 2691 to public this web. Command : ip nat inside source static tcp 10.68.x.x 443 222.255.x.x 443 extendable The outside network can connect to inside network by the URL:abc.com and the domain abc.com = 222.255.x.x But inside network can't connect to this URL:abc.com. The browser notice :Unable to connect Do you have any ideas ? I want outside network and inside network can open the same URL:abc.com Thanks so much
khuyenht join:2008-05-15	to forum · permalink · · 2008-05-15 23:24:56 ·
elnino join:2006-08-27 Akron, OH	As far as I know, the Cisco routers don't have the DNS rewrite like the PIX/ASA do. So, the inside users have to connect to the inside IP, not the external IP. You can either accomplish this by running an internal DNS server or modify the hosts file on your company's computers.
elnino join:2006-08-27 Akron, OH	to forum · permalink · · 2008-05-15 23:55:50 ·
khuyenht join:2008-05-15	Hi Elnino, When i configure the NAT static as: ip nat inside source static 10.68.x.x 222.255.x.x the both outside and inside network can open my website . But when configure it all the port will be forward to inside local. Could you please tell why this configure can open my website from inside and outside? I think the most difference between ip nat inside source static 10.68.x.x 222.255.x.x ip nat inside source static tcp 10.68.x.x 443 222.255.x.x 443 extendable One forward all port to local and one forward only one port 443 to loacal!!! Thanks so much
khuyenht join:2008-05-15	to forum · permalink · · 2008-05-18 21:24:41 ·
mr_dirt join:2006-02-14 Denver, CO 1 edit	reply to elnino NAT is one of the worst-documented aspects of IOS. IOS NAT offers DNS re-write, so that static NAT entries, if an external NAT is queried for a static NATed host, will provide the internal address. The only mention I've ever seen for this is on this page: »www.cisco.com/en/US/technologies···2b9.html There is a line with no link to docs or any futher informations, that reads, "DNS "A" and "PTR" queries". Amazingly enough, (and for the love of God, I can't understand why no one has bothered to write anything more) IOS intercepts DNS queries for any host that it carries a static NAT for, and replies with the NAT inside address. I've done some limited testing of this, and it seems to work, but I've never applied it in fear that it will mysteriously stop working.
mr_dirt join:2006-02-14 Denver, CO 1 edit	to forum · permalink · · 2008-05-18 23:35:20 ·
Euphrates join:2007-04-30 Bellingham, WA	reply to khuyenht I was doing some reading and came across this article: »cisco.com/en/US/docs/ios/12_4t/1···dns.html If it helps, yay, if not...
Euphrates join:2007-04-30 Bellingham, WA	to forum · permalink · · 2008-05-19 01:42:38 ·


Wednesday, 25-Nov 21:57:55	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com.republican-creole page compression OFF