Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Help Accessing lan resources through wan ip behind cisco 831 router

Status
Not open for further replies.
rchacon1

rchacon1

MIS
Oct 11, 2007
1
US
I have a Cisco 831 router and cant access my local web server through FQDN. If i point my browser to my FQDN it reaches the Cisco 831 CRWS instead. Here is my current config...

version 12.4
!
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname Cisco-831
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$b7nI$YUoB4NyEm8Crg5iJsE28Y0
!
no aaa new-model
!
resource policy
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.7.1
ip dhcp excluded-address 192.168.7.151 192.168.7.254
ip dhcp excluded-address 192.168.7.201
ip dhcp excluded-address 192.168.7.10
ip dhcp excluded-address 192.168.7.202
ip dhcp excluded-address 192.168.7.12
ip dhcp excluded-address 192.168.7.7
!
ip dhcp pool CLIENT
network 192.168.7.0 255.255.255.0
default-router 192.168.7.1
dns-server 24.93.41.125 24.93.41.126
lease 0 2
!
!
ip cef
ip name-server 24.93.41.125
ip name-server 24.93.41.126
!
!
!
partition flash 2 10 2
!
username xxxx privilege 15 secret 5 $1$cOlC$3fw6EpG3BlQjxeBZ6LtTG/
!
!
!
!
!
interface Ethernet0
ip address 192.168.7.1 255.255.255.0 secondary
ip address 10.10.10.1 255.255.255.248
ip nat inside
ip virtual-reassembly
no ip mroute-cache
no cdp enable
hold-queue 32 in
!
interface Ethernet1
ip address xx.xx.xx.xx 255.255.255.248
ip nat outside
ip virtual-reassembly
no ip mroute-cache
duplex auto
no cdp enable
!
interface Ethernet2
no ip address
shutdown
!
interface FastEthernet1
duplex auto
speed auto
!
interface FastEthernet2
duplex auto
speed auto
!
interface FastEthernet3
duplex auto
speed auto
!
interface FastEthernet4
duplex auto
speed auto
!
ip route 0.0.0.0 0.0.0.0 71.42.130.x
ip http server
ip http access-class 23
ip http authentication local
no ip http secure-server
ip http max-connections 4
ip http timeout-policy idle 600 life 86400 requests 10000
!
ip nat inside source list 102 interface Ethernet1 overload
ip nat inside source static tcp 192.168.7.7 6500 interface Ethernet1 6500
ip nat inside source static tcp 192.168.7.12 5500 interface Ethernet1 5500
ip nat inside source static tcp 192.168.7.12 6200 interface Ethernet1 6200
ip nat inside source static tcp 192.168.7.10 3389 interface Ethernet1 3389
ip nat inside source static tcp 192.168.7.202 443 interface Ethernet1 443
ip nat inside source static tcp 192.168.7.202 80 interface Ethernet1 80
ip nat inside source static tcp 192.168.7.10 21 interface Ethernet1 21
ip nat inside source static tcp 192.168.7.201 25 interface Ethernet1 25
!
access-list 23 permit 192.168.7.0 0.0.0.255
access-list 23 permit 10.10.10.0 0.0.0.7
access-list 102 permit ip 192.168.7.0 0.0.0.255 any
!
control-plane
!
!
line con 0
exec-timeout 120 0
login local
no modem enable
stopbits 1
line aux 0
line vty 0 4
access-class 23 in
exec-timeout 120 0
login local
length 0
!
scheduler max-task-time 5000
end
 
Sort by date Sort by votes
yea, i see that all the time. I'm hosting my own websites off of dsl and run into the same problem. I wonder if somebody has any ideas..or tricks.. besides updating host statements..

 
Upvote 0 Downvote
ya your pretty much going to have to do as dan says.. either update your host file on your pc.. or if you can run an internal dns server that would work too..

but your router will not let you access the public ip if the router.

i havent thought to hard about it but i suppose if you had a static ip you could write an access-list and tell the router not to nat requests from source LAN destination WAN IP...

personally i just edit the host file for the sites i host.
c:\windows\system32\drivers\etc\hosts
just use notepad... its a text file.
 
Upvote 0 Downvote
etc\hosts???

Wow---never knew that existed in Windblows...just in UNIX...

Burt
 
Upvote 0 Downvote
yep same thing as unix..
youde be surprised how many exploits out there today i find go to that file and fill it with bogus entries..

they put in ips for most security applications so that they cannot reach the servers online.. tricking them into thinking liveupdate.symantec.com is really 127.0.0.1 etc

that file will be checked before dns so it will override what your isps dns.
 
Upvote 0 Downvote
Nice! Someone that's smart enough to Google the exploits and too stupid that get fooled into thinking that the internal loopback address is symantec.com...I like that.

Burt
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Jared R
  • Locked
  • Question
Cisco UC320W Paging Help
Replies
0
Views
209
Jared R
Jared R
pbxcomm
  • Locked
  • Question
CISCO VG450
Replies
1
Views
230
bdk76
bdk76
Skip Rango
  • Locked
  • Question
how to backup cisco sg500-52p switch
Replies
1
Views
213
madwok
madwok
Hayden09
  • Locked
  • Question
Cisco Sg-300 Flapping?
Replies
0
Views
214
Hayden09
Hayden09
JMarine0811
  • Locked
  • Question
CISCO VG450 Factory reset
Replies
1
Views
269
whykap
whykap

Part and Inventory Search

Sponsor

Back
Top