[CLUE-Tech] cisco 678 -- web server
Dave Anselmi
anselmi at americanisp.net
Sun Feb 10 13:06:36 MST 2002
jason at matchingmoms.com wrote:
[...]
> I can surf the web from all three boxes. I can also surf the web from my
> Windows 98 box through its 56K modem. My Linux web server serves pages to
> all three boxes when summoned using its private address (192.168.0.200).
>
> I can ping 63.231.83.57 and 63.231.83.254 (one of these should be the
> outside address of the router) from any box. However, pointing my browser
> from any box to either of these 63.x.x.x addresses causes the browser to
> spin and spin. My httpd and message logs are functioning properly (they
> catch messages in other cases, but not here) and show nothing.
The piece you are missing is DNAT to your webserver. DNAT changes the
destination address on incoming connections. I can ping your router, but port
80 isn't open on it (because its built in webserver is disabled and there's no
DNAT entry).
The way to set up DNAT on a 678 is like this:
set nat entry add <internal ip> <internal port> <external ip> <external port>
<tcp|udp>
You can leave out the external ip and port, but I'm not sure how well that
will work - a windows server I tried it with didn't.
Now, you are doing NAT at your 678. Are you also doing it on the firewall?
If so, you will have to have a NAT entry from the 678 to 10.0.0.2 and then one
from the firewall to 192.168.0.200. You don't have to run NAT on your
firewall, but then you'll have to have its routing (and the 678's) set up
correctly (up to you which you think is more complicated).
The external address you care about is 63.261.83.57. The 63.261.83.254 is the
other end of your 678's ppp connection - your ISP's hardware.
HTH,
Dave
More information about the clue-tech
mailing list