Options
NAT question
Sorry about the quilit of the attached digram but i hope you can see i have an internal network consisting of 4 areas
inside, dmz, nework utilities and the outside
I have a wbserver sitting in the DMZ, which has its address NAT'ed to a static public address as follows
#ip nat inside source static tcp 172.17.1.11 80 w.x.y.z 80 extendable
this works fine for external clients comming in to the webserve.
but my issue is when clients on the inside network try to browes to the
w.x.y.z address, they get a time out error.
Becasue other public web point to my webserver, uses on the inside network need to be able to get to this sever using the external IP address/domain name.
how can i make it so as the inside uses go out to the internet to w.x.y.z, they are redirected to 172.17.1.11. in effect I need to NAT between two inside NAT interfaces?
Any ideas?
PS, hope that makes sence
inside, dmz, nework utilities and the outside
I have a wbserver sitting in the DMZ, which has its address NAT'ed to a static public address as follows
#ip nat inside source static tcp 172.17.1.11 80 w.x.y.z 80 extendable
this works fine for external clients comming in to the webserve.
but my issue is when clients on the inside network try to browes to the
w.x.y.z address, they get a time out error.
Becasue other public web point to my webserver, uses on the inside network need to be able to get to this sever using the external IP address/domain name.
how can i make it so as the inside uses go out to the internet to w.x.y.z, they are redirected to 172.17.1.11. in effect I need to NAT between two inside NAT interfaces?
Any ideas?
PS, hope that makes sence
- If you can't explain it simply, you don't understand it well enough. Albert Einstein
- An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
Linkin Profile - Blog: http://Devilwah.com
Comments
-
Options
DevilWAH
Member Posts: 2,997 ■■■■■■■■□□
I was wondering if it is possible using the NVI interface version of doing NAT, where you dont have inside and outside interfaces.
and second do you have a link for some documentation, i seem to find what it is and complex setups from google. I ahvent realyl had a chance to look yet as I am at work, but if you do have a limnk to save time I would be greatfull.
Cheers- If you can't explain it simply, you don't understand it well enough. Albert Einstein
- An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
Linkin Profile - Blog: http://Devilwah.com
