Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: question on NAT box

question on NAT box 7 years 1 month ago #32425

  • ceaser
  • ceaser's Avatar
  • Offline
  • New Member
  • Posts: 1
  • Karma: 0
Why is it that an HTTP Client (eg Mozilla, Firefox ) works very well behind a NAT box but a webserver does not?
The administrator has disabled public write access.

Re: question on NAT box 7 years 1 month ago #32426

  • Kajitora
  • Kajitora's Avatar
  • Offline
  • Frequent Member
  • Posts: 40
  • Karma: 0
Ceaser,

I am making the assumption that you are talking about a many to one(You have one public ip address that many computer use to talk to the internet). Its all about which way the connection is coming from. Let me give an example.

Assume the following:
(PC) - > (Private)(Router W/NAT)(Public) - > Website

So your PC, with a private Ip address gos to talk to the website. It sends the packet to your router which then records that conversation in its translation table and drops the private ip address to replace it with its public one. It uses the Source port on the packet to keep track of it.

Lets now reverse

(Webserver) <- (Private)(Router W/NAT)(Public) <- (PC)

Your PC still needs to talk to the Public Ip address of the router, but when the router receives the packet it does not know which Private IP address to send it to.

But you are not with out a solution! You can use port forwarding on your router to forward any traffic with the destination port of 80 (HTTP) to the private ip address of your webserver. This normally works pretty well for me. If you need assistance let us know what kind of hardware you are using and we can advice further.
itgamers.blogspot.com
The administrator has disabled public write access.

Re: question on NAT box 7 years 1 month ago #32427

  • S0lo
  • S0lo's Avatar
  • Offline
  • Moderator
  • Posts: 1577
  • Thank you received: 7
  • Karma: 3
It can work very well for a web server too, but it requires a port/IP forwarding configuration (which usually doesn't come by default). Once it's configured correctly it can work smoothly.

I might have misunderstood your question, if so, please explain ceaser.
Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx
The administrator has disabled public write access.

DMZ works as well... 7 years 2 weeks ago #32729

  • katzebnt
  • katzebnt's Avatar
  • Offline
  • New Member
  • Posts: 16
  • Karma: 0
It can work very well for a web server too, but it requires a port/IP forwarding configuration (which usually doesn't come by default). Once it's configured correctly it can work smoothly.

I might have misunderstood your question, if so, please explain ceaser.

Agree with S0lo, port forwarding works well. You can also put your server in the router's DMZ. Be warned though that you're really putting your server out in the open, be sure to enable firewall, virus protection if necessary, etc. Hope this helps as well. :)
The administrator has disabled public write access.
Time to create page: 0.080 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup