No announcement yet.

Viewing web server from my LAN

  • Filter
  • Time
  • Show
Clear All
new posts

  • Viewing web server from my LAN


    Iím using a cisco VA887, and I have a LAN internal web server mapped,
    ip nat inside source static tcp 80 interface Dialer0 80
    when Iím positioning outside the internet I can see my website, but I canít see my webserver from my LAN using my public static IP address,
    Thank you for your help

    interface Vlan1
     description interface LAN
     ip address
     ip access-group 101 in
     ip flow ingress
     ip nat inside
     ip virtual-reassembly in
     ip tcp adjust-mss 1412
    access-list 101 remark Auto generated by SDM Management Access feature
    access-list 101 remark CCP_ACL Category=1
    access-list 101 permit ip any

  • #2
    Re: Viewing web server from my LAN

    This is sometimes called a "hairpin NAT" scenario (inside traffic to an outside address is NATed back to the inside), and unless I'm very much mistaken, there's no way to handle this with Cisco routers.

    When you access the public IP address from a client on the internal network, the traffic is NATed back to the internal web server. The packets received by the web server will then have a source IP address inside the same network, so the web server sends replies directly to the client without going through the router. The client, however, expects a reply from the outside address, and discards the packet.

    A common workaround is to create a DNS zone on the internal network with the (external) name of the web server, and point a default A record to its internal IP address.