Here's a brain teaser for you current and aspiring CCIEs.

I have a client which currently has a Linksys router which they would
like to replace with a Cisco SR520W.

They have a simple network with clients and servers on the same inside
network that gets NAT'd to a single public IP address on the outside
connection to the internet.

They have a database server on the inside network that is accessible
from both the internet and inside users.
The client software has the public IP of the database hard-coded into
the application.

Clients on the internet can access the database, but clients
internally cannot. I am positive it is because the NAT fails when a
client on the inside tries to connect to the public IP of the server.

I found this Cisco document that explains the situation perfectly. In
fact, it seems the PIX/ASA supports hairpinning using the alias
command:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094aee.shtml

Question:
Is there a command on an IOS router that is similar to the PIX alias
command that would translate the destination address of the database
from the public IP to the internal IP?
If not, can this be done with some sort of NAT on a stick or policy
based routing?

Please note: DNS doctoring, split DNS, or any manipulation of the DNS
entry would have no effect here because the public IP of the database
server is hard-coded into the client application.

Thanks very much,
Gregory Gombas
CCIE# 19649
Received on Sun Feb 28 2010 - 10:31:46 ART