Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

DNS and NAT help?

Status
Not open for further replies.
SQL2KDBA69

SQL2KDBA69

Programmer
Feb 4, 2004
227
US
I have a name server on my local network and i cant get any resolution from the ouside. only from the inside.

here is my edited config file contain my nat traslation :


Building configuration...

Current configuration : 1610 bytes
!
! Last configuration change at 15:14:09 PST Mon May 17 2004
! NVRAM config last updated at 14:20:47 PST Mon May 17 2004
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Cisco1720
!
no logging buffered
enable secret 5
!
memory-size iomem 25
clock timezone PST -8
ip subnet-zero
ip name-server 4.2.2.2
ip dhcp excluded-address 67.131.68.49
ip dhcp excluded-address 67.131.68.50
!
ip dhcp pool SMARTCHEX
network 67.131.68.48 255.255.255.248
default-router 67.131.68.49
dns-server 205.171.3.65
domain-name SMARTCHEX
!
ip dhcp-server 67.131.68.49
!
!
!
interface FastEthernet0
ip address 67.131.68.49 255.255.255.248
ip nat inside
speed auto
full-duplex
!
interface Serial0
ip address 67.131.204.134 255.255.255.252
ip access-group 100 in
ip nat outside
service-module t1 timeslots 1-24
!
ip local pool SMARTCHEX 67.131.68.48 67.131.68.55
ip nat inside source list 99 interface Serial0 overload
ip nat inside source static tcp 67.131.68.50 443 interface Serial0 443
ip nat inside source static udp 67.131.68.50 53 interface Serial0 53
ip classless
ip route 0.0.0.0 0.0.0.0 67.131.204.133
no ip http server
!
access-list 99 permit any
access-list 100 permit ip any any
!
line con 0
session-timeout 20
exec-timeout 60 0
password
logging synchronous
login
line aux 0
session-timeout 20
exec-timeout 60 0
password
login
line vty 0 4
session-timeout 20
exec-timeout 60 0
password
login
transport input none
!
no scheduler allocate
end

that is my conf file with passwords removed, so i can resolve from the local network but can from the internet with using nat. please help me asap.
 
Sort by date Sort by votes
If you drop the Access-list 100 from the outside interface does it work?

david e
*end users are just like computers, some you can work with...others just need a simple reBOOTing to fix their problems.*
 
Upvote 0 Downvote
I would try to configure one more port forwarding statement:

ip nat inside source static TCP 67.131.68.50 53 interface Serial0 53

since DNS uses UDP as well as TCP

Peter Mesjar
CCNP, A+ certified
pmesjar@centrum.sk

"The only true wisdom is in knowing you know nothing.
 
Upvote 0 Downvote
its only works if i remove nat all together and just use the access list.
 
Upvote 0 Downvote
Well if it works without NAT, why do you even bother using it? Also the access-list you are saying you use is for nothing anyway, because it permits everything.

Peter Mesjar
CCNP, A+ certified
pmesjar@centrum.sk

"The only true wisdom is in knowing you know nothing.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Jared R
  • Locked
  • Question
Cisco UC320W Paging Help
Replies
0
Views
261
Jared R
Jared R
WinstonCH
  • Locked
  • Helpful tip
What is wrong with the diagram, there are people who will help to fix it? How do i do the configurat 1
Replies
1
Views
427
BIS
BIS
Lccarter
  • Locked
  • Question
Cisco CUCM Provisioning and Order Management System
Replies
1
Views
185
Lccarter
Lccarter
bfordz
  • Locked
  • Question
new help on setting up third party VoIP phones through Catalyst 2960x switch
Replies
0
Views
131
bfordz
bfordz
DigiByte34
  • Locked
  • Question
Need Help Cisco AAA to any RADIUS Software
Replies
9
Views
267
DigiByte34
DigiByte34

Part and Inventory Search

Sponsor

Back
Top