cisco 827 statici IP address translation for web server 1

[deriegel]

Trying to use NAT to route static IP address to inside web server new to Nat and need help this is my config below
Thanks

ip subnet-zero
no ip domain-lookup
!
bridge irb
!

interface Ethernet0
ip address 10.10.10.2 255.255.255.0
no ip directed-broadcast
no shut
ip nat inside
!
interface ATM0
no ip address
no shut
no ip directed-broadcast
no atm ilmi-keepalive
bundle-enable
bridge-group 1
!
interface BVI1
ip address 65.7.133.218 255.255.255.0
ip nat outside
!
ip nat inside source list 1 interface BVI1 overload
ip nat inside source static tcp 10.10.10.1 80 65.7.133.218 80 extendable
ip classless
ip route 0.0.0.0 0.0.0 209.149.96.65
!
acess-list 1 permit 10.10.10.0.255
!
interface ATM0.1 point-to-point
no ip directed-broadcast
pvc 8/35

encapsulation aal5mux ppp dialer

dialer pool-member 1

interface Dialer1
ip address negotiated
ip nat outside

!
no ip directed-broadcast
encapsulation ppp
dialer pool 1
ppp chap hostname xxxxx
ppp chap password xxxxx

ip subnet-zero
ip route 0.0.0.0 0.0.0.0 Dialer1
ip nat inside source list 1 interface dialer1 overload
access-list 1 permit 10.10.10.0 0.255.255.255
bridge 1 portocol ieee
bridge 1 route ip
!

 

[TravisM]

First you need to add the translation;

ip nat source static a.b.c.d Dialer1
the a.b.c.d should be the IP address of your internal web server. If you have other external ip addresses that are being routed through that interface by your provider, you could give it a specific IP like;

ip nat source static a.b.c.d a.b.c.d
^Web ^Outside
server IP

Looking at your config I'm guessing that the web server internal addres is 10.10.10.1 and the external IP is 65.7.133.218? Something doesn't seem right with that though becase I can ping that address just fine. Anyway, I'd just use the command simply as

ip nat source static 10.10.10.1 65.7.133.218

Then add

access-list 100 permit tcp any host 65.7.133.218 eq www

Then on the interface Dialer1 add

ip access-group 100 in

That should be the whole of it, I think.

 

[deriegel]

Still not working BellSouth FastAccess DSL Xtreme static ip is assigning the static ip address when you log in to the dialer not sure if there is a way around this to forward the static ip to the pc . Thanks

 

[Fuzznuts]

You can apply the rule to the dialer interface instead of an ie

ip nat source static 10.10.10.1 dialer1

the same would apply to the access-list but i spose once thats active your ip is in place so would be a moot point.

least i used to be able to do this on my old 2503 with isdn dialup.

 

[Fuzznuts]

just checked on my router ant the correct cmd is

ip nat inside source static tcp x.x.x.x 80 interface Dialer 1 80


been a while since i had to do it but that worked for me

 

[TravisM]

Sounds like consumer DSL access. Is it possible your ISP is blocking that port for inbound traffic? Try changing the command to

ip nat inside source static tcp a.b.c.d 80 Dialer1 5312

Or some other arbitrary number. Then try making an HTTP connection to that port instead of 80. They may be blocking well known ports to keep you from running services on your DSL line. (Could be ToS violation) Also try pinging the static IP from another location to see if it's nating, but just not on that port.