Announcement

Collapse
No announcement yet.

Can not port forward to web server

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Can not port forward to web server

    Dear

    My cisco 1760 router with WIC-1ADSL card and IOS 12.3 has fast ethernet address 192.168.1.254 and a dynamic global IP address. A server on the LAN with the Apache webserver has address 192.168.1.100 and has the dyndns updater installed and it works fine. I have the IOS running config as below with NAT and port address translation PAT to the webserver with address 192.168.1.100 and tcp port 80, but from the Internet, the dyndns host name does not resolve to this page. Is there a mistake in the config?

    Thx
    Jeroen


    version 12.3
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname c1760
    !
    boot-start-marker
    boot-end-marker
    !
    enable password xxxx
    !
    mmi polling-interval 60
    no mmi auto-configure
    no mmi pvc
    mmi snmp-timeout 180
    no aaa new-model
    ip subnet-zero
    ip cef
    !
    ip dhcp excluded-address 192.168.1.254
    ip dhcp excluded-address 192.168.1.1
    !
    ip dhcp pool dsl1
    network 192.168.1.0 255.255.255.0
    default-router 192.168.1.254
    dns-server 212.71.8.10 212.71.0.33
    !
    ip name-server 212.71.8.10
    ip name-server 212.71.0.33
    no ftp-server write-enable
    !
    interface ATM0/0
    no ip address
    load-interval 30
    no atm ilmi-keepalive
    dsl operating-mode auto
    pvc 8/35
    encapsulation aal5mux ppp dialer
    dialer pool-member 1
    !
    interface FastEthernet0/0
    ip address 192.168.1.254 255.255.255.0
    ip nat inside
    speed auto
    !
    interface Dialer0
    ip address negotiated
    ip nat outside
    encapsulation ppp
    dialer pool 1
    dialer-group 1
    ppp authentication chap callin
    ppp chap hostname [email protected]
    ppp chap password xxxxxx
    !
    ip classless
    ip route 0.0.0.0 0.0.0.0 Dialer0
    no ip http server
    ip nat inside source list 1 interface Dialer0 overload
    ip nat inside source static tcp 192.168.1.100 80 interface Dialer0 80
    !
    access-list 1 permit any
    dialer-list 1 protocol ip permit
    !
    control-plane
    !
    line con 0
    line aux 0
    line vty 0 4
    login
    !
    end

  • #2
    Re: Can not port forward to web server

    Hiya,
    Just a small thing, are we sure the Dynamic DNS updating is working fine?
    To confirm can you check your External Dynamic IP (or here).

    Run the DynDNS program. Does it run successfully?


    Next can you recall the nameserver DynDNS uses/gave you? You would have had to use it if/when registering your Domain name.
    We want to run
    Code:
    nslookup
    to test to see what IP address your Domain resolves to. Testing the DynDNS nameserver directly is best as some DNS servers may not update for anything up to 48 hours. (This is why we don't just ping your domain.)
    With nslookup open type:
    Code:
    server <IPaddressofDynDNSNameServerhereinsteadofthistext>
    now input your domain name.
    Does the response match your external IP?


    All ok so far? If not where did it fall down?
    I don't know anything about (you or your) computers.
    Research/test for yourself when listening to free advice.

    Comment


    • #3
      Re: Can not port forward to web server

      Maebe

      I have tried all of that and dyndns seems to work fine, the dyndns updater indicates the right global IP address. With the web server online and port forwarding entered in the Cisco router, even when I enter the global IP address in my web browser, it will not show my web page. Somehow I have the idea that the port forwarding does not work properly.

      My server is a dual xeon 1.7GHz and I am using a Cisco 2900XL switch.

      Thx
      Jeroen

      Comment


      • #4
        Re: Can not port forward to web server

        I dont see an access-list permiting web traffic inbound.


        access-list 101 permit tcp any "your public ip " eq www

        access-group 101 in (outside interface)

        Remember NAT order of operation

        ACL is checked first

        Then the nat statement
        CCNP,MCSA (Win2k),Net +,A+

        Comment

        Working...
        X