Question:
I want to make Catalyst 3560X my HTTP-server accessible
from the outside (it's located on my LAN).
HTTP-server listens on port TCP 80 on all
interfaces, IP address 192.168.112.17/24. (I can ping outside addresses from
this machine.) My router - Cisco 2951, here's a part of its config:
interface GigabitEthernet0/0
ip address W.A.N.IPAddress W.A.N.Netmask
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
interface GigabitEthernet0/1
ip address 192.168.112.254 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
ip forward-protocol nd
!
ip nat inside source list 1 interface
GigabitEthernet0/0 overload
ip nat inside source static tcp
192.168.112.17 80 W.A.N.IPAddress 80 extendable
ip route 0.0.0 .0
0.0.0.0 W.A.N.GatewayIP
!
access-list 1 permit 192.168.X.0 0.0.0 .255
access-list 1 permit 192.168.112.0 0.0.0 .255
access-list 1 permit 192.168.Z.0 0.0.0 .255
access-list 101 permit tcp any host
W.A.N.IPAddress eq www
So I cannot reach the server from the
outside. The router responds to pings (ICMP echo packets). I'm entering
router's W.A.N.IPAddress in my browser's address field and there's no result.
Help me, please!
Answer:
Here is simple config:
ip nat inside source static tcp
192.168.112.17 80 46.45.33.X 80
As WAN IP address for server here you need
to use one spare address from your scope e.g. 46.45.33.5 as you have big enough
subnet /25.
Also I would not recommend to Catalyst 3560X Price post here
real Public IP addresses.
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080093f31.shtml
没有评论:
发表评论