Cisco – Unable to connect on natted server from a host computer on the same LAN using public IP address

Tags: cisco, local-area-network, nat, router

I have a server statically NAT’d using a registered IP address and it is accessible from the outside. The problem is I cannot access my server from the inside using the registered IP address with a host computer that is connected on the same LAN as my server.

I tried to deactivate ACL and CBAC, I also tried to create some route maps but there is no way I can make it work.

I’m new to Cisco and now I’m starting to think that maybe it is a wanted behavior, so I need to know if it is possible but also a bad idea to connect from the same LAN to my NAT’d server using the public address.

Thank you.

P.S. I don't have any problem connecting to the server using its private address.

Best Answer

Remember, when your firewall/router/whatever is doing NATing, the internal box that has a public IP NATed to it doesn't know anything about the NATed address.

So, in order for this to work, your packet has to leave your internal LAN, go out to the external network, then come back in via the firewall/router/whatever that's doing the NATing, and finally be handed to the internal box (which, again, doesn't generally know anything about the NATing).

There are some work-arounds that are possible (see Cisco alias command, if you're using Cisco), but in general it's not really something you want to do.

This is why most networks that contain internal hosts and externally accessible (public) hosts will maintain separate DNS servers for internal and external hosts. You can set up your external DNS server so that www.example.com points to your external IP, and set up your internal DNS server so that www.example.com points to your internal IP. If you're using BIND, then views make this quite easy.
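A split-horizon BIND 9 configuration of the kind the answer describes, added here as an example (it is not from the original post); the zone file paths, the internal network 192.168.1.0/24, the private server address 192.168.1.10 and the registered address 192.0.2.10 are assumptions.

```conf
// named.conf fragment (assumed path; all zones must live inside views once views are used)
acl "internal-nets" { 192.168.1.0/24; 127.0.0.1; };

// Views are tried in order and the first match wins, so the internal view comes first.
view "internal" {
    match-clients { "internal-nets"; };
    recursion yes;
    zone "example.com" {
        type master;
        file "/etc/bind/db.example.com.internal";
    };
};

view "external" {
    match-clients { any; };
    recursion no;      // the public-facing view must not be an open resolver
    zone "example.com" {
        type master;
        file "/etc/bind/db.example.com.external";
    };
};

; /etc/bind/db.example.com.internal (assumed): answers for LAN clients
$TTL 3600
@    IN SOA ns1.example.com. hostmaster.example.com. ( 2024010101 3600 900 604800 300 )
     IN NS  ns1.example.com.
ns1  IN A   192.168.1.2
www  IN A   192.168.1.10   ; private address of the NAT'd server

; /etc/bind/db.example.com.external (assumed): answers for everyone else
$TTL 3600
@    IN SOA ns1.example.com. hostmaster.example.com. ( 2024010101 3600 900 604800 300 )
     IN NS  ns1.example.com.
ns1  IN A   192.0.2.2
www  IN A   192.0.2.10     ; registered address statically NAT'd to 192.168.1.10
```

Internal hosts then reach www.example.com directly by its private address and never need the traffic to hairpin through the router; an external query for the same name still returns the public address.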