1

I'm configuring a small network at work, and I have some problem.

  • We're assigned 4 external IPs. I have them in range 173.228.60.35 to 173.228.60.38.
  • I mapped one of the global IPs to local IP by NAT, by so that I can access the machine from the outside network. In Cisco configuration, it was ip nat inside source static 192.168.24.52 173.228.60.37

And I configured other settings, and opened up other ports so I can ssh into the machine. However, the problem is, I cannot access the local machine 192.168.24.52 by the ip 173.228.60.37.

I was wondering if it's possible to access the local machine by the global IP.

Jeeyoung Kim
  • 229
  • 2
  • 8
  • 1
    I'm not following. 173.228.60.35 and 173.228.60.38 are both external addresses. Are you trying to map 173.228.60.35 to 173.228.60.38, or to 192.168.24.52? Also, you put 173.228.60.37 in your cisco line, so that's also confusing. – Satanicpuppy May 17 '11 at 19:28

2 Answers2

1

Ciscos don't allow access to external NAT address from inside. The traditional way to solve this is by using split DNS: when resolving the name of the server in question, external users should receive 173.228.60.37, and internal users should receive 192.168.24.52.

Max Alginin
  • 3,284
  • 15
  • 11
0

DNS is by far the simplest - resolve to the internal IP internally - but there are other options. You can use policy-based routing to get the traffic to actually translate, though it might require a loopback as the actual NAT interface.

Bryan Redd
  • 36
  • 1