Question

Locked

Help! Issue with VNC & OWA behind a Cisco Router

By erickcline ·
Any help would be greatly appreciated!

I just recently configured a Cisco 831 router for our office. Everything works great except we cannot access Outlook Web Access internally and I cannot VNC to any PC on the LAN unless I use the private IP. When I use the public IP it will not work. But VNC and OWA works great from an external network. We had no problem with this setup using a Linksys router.

Thank you all very much for you time! Here is the config:

Current configuration : 15197 bytes
1 : !
2 : ! Last configuration change at 21:45:52 EDT Sun Oct 17 2010 by Erick
3 : ! NVRAM config last updated at 23:34:45 EDT Sat Oct 16 2010 by Erick
4 : !
5 : version 12.3
6 : no service pad
7 : service timestamps debug uptime
8 : service timestamps log uptime
9 : service password-encryption
10 : !
11 : hostname CompanyName-Office
12 : !
13 : logging buffered 4096 debugging
14 : no logging console
15 : enable secret 5 $1$qnhI$OtIG2JAxClmibdhCCyiay1
16 : !
17 : username Erick privilege 15 secret 5 $1$nsDk$lqCYacgqD2VoeyZ2tIZ.o.
18 : username Phil privilege 15 secret 5 $1$UqFI$xo389e.MavZhWmf92H0vy1
19 : username CompanyName password 7 00280A05540A5B
20 : clock timezone EST -5
21 : clock summer-time EDT recurring
22 : no aaa new-model
23 : ip subnet-zero
24 : no ip source-route
25 : ip domain name office.CompanyNameonline.com
26 : ip name-server xxx.xxx.xxx.xxx
27 : ip name-server xxx.xxx.xxx.xxx
28 : ip dhcp excluded-address 192.168.1.1
29 : ip dhcp excluded-address 192.168.1.2
30 : ip dhcp excluded-address 192.168.1.3
31 : ip dhcp excluded-address 192.168.1.4
32 : ip dhcp excluded-address 192.168.1.5
33 : ip dhcp excluded-address 192.168.1.159
34 : ip dhcp excluded-address 192.168.1.160
35 : ip dhcp excluded-address 192.168.1.161
36 : ip dhcp excluded-address 192.168.1.162
37 : ip dhcp excluded-address 192.168.1.163
38 : ip dhcp excluded-address 192.168.1.164
39 : ip dhcp excluded-address 192.168.1.165
40 : ip dhcp excluded-address 192.168.1.166
41 : ip dhcp excluded-address 192.168.1.167
42 : ip dhcp excluded-address 192.168.1.168
43 : ip dhcp excluded-address 192.168.1.169
44 : !
45 : ip dhcp pool CompanyName-CLIENTS
46 : import all
47 : default-router 192.168.1.1
48 : dns-server xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
49 : netbios-name-server 192.168.1.100
50 : lease 7
51 : !
52 : ip dhcp pool CompanyName-SERVER-OFFICE
53 : import all
54 : host 192.168.1.100 255.255.255.0
55 : client-identifier 0100.1676.ad34.05
56 : client-name CompanyName-SERVER-OFFICE
57 : default-router 192.168.1.1
58 : dns-server xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
59 : netbios-name-server 192.168.1.100
60 : lease infinite
61 : !
62 : ip dhcp pool CompanyName-PHONE-1001
63 : import all
64 : host 192.168.1.101 255.255.255.0
65 : hardware-address 0004.f21d.1f4c
66 : client-name CompanyName-PHONE-1001
67 : default-router 192.168.1.1
68 : dns-server xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
69 : netbios-name-server 192.168.1.100
70 : lease infinite
71 : !
72 : ip dhcp pool CompanyName-PHONE-1002
73 : import all
74 : host 192.168.1.102 255.255.255.0
75 : hardware-address 0004.f21d.7453
76 : client-name CompanyName-PHONE-1002
77 : default-router 192.168.1.1
78 : dns-server xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
79 : netbios-name-server 192.168.1.100
80 : lease infinite
81 : !
82 : ip dhcp pool CompanyName-PHONE-1003
83 : import all
84 : host 192.168.1.103 255.255.255.0
85 : hardware-address 0004.f21d.2016
86 : client-name CompanyName-PHONE-1003
87 : default-router 192.168.1.1
88 : dns-server xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
89 : netbios-name-server 192.168.1.100
90 : lease infinite
91 : !
92 : ip dhcp pool CompanyName-PHONE-1004
93 : import all
94 : host 192.168.1.104 255.255.255.0
95 : hardware-address 0004.f21d.1cf6
96 : client-name CompanyName-PHONE-1004
97 : default-router 192.168.1.1
98 : dns-server xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
99 : netbios-name-server 192.168.1.100
100 : lease infinite
101 : !
102 : ip dhcp pool CompanyName-PHONE-1005
103 : import all
104 : host 192.168.1.105 255.255.255.0
105 : hardware-address 0004.f21d.20ca
106 : client-name CompanyName-PHONE-1005
107 : default-router 192.168.1.1
108 : dns-server xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
109 : netbios-name-server 192.168.1.100
110 : lease infinite
111 : !
112 : ip dhcp pool CompanyName-PHONE-1006
113 : import all
114 : host 192.168.1.106 255.255.255.0
115 : hardware-address 0004.f21d.1f8a
116 : client-name CompanyName-PHONE-1006
117 : default-router 192.168.1.1
118 : dns-server xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
119 : netbios-name-server 192.168.1.100
120 : lease infinite
121 : !
122 : ip dhcp pool CompanyName-PHONE-1007
123 : import all
124 : host 192.168.1.107 255.255.255.0
125 : hardware-address 0004.f21d.1e8e
126 : client-name CompanyName-PHONE-1007
127 : default-router 192.168.1.1
128 : dns-server xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
129 : netbios-name-server 192.168.1.100
130 : lease infinite
131 : !
132 : ip dhcp pool CompanyName-PHONE-1008
133 : import all
134 : host 192.168.1.108 255.255.255.0
135 : hardware-address 0004.f224.9f67
136 : client-name CompanyName-PHONE-1008
137 : default-router 192.168.1.1
138 : dns-server xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
139 : netbios-name-server 192.168.1.100
140 : lease infinite
141 : !
142 : ip dhcp pool CompanyName-PHONE-1009
143 : import all
144 : host 192.168.1.109 255.255.255.0
145 : hardware-address 0004.f21d.7726
146 : client-name CompanyName-PHONE-1009
147 : default-router 192.168.1.1
148 : dns-server xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
149 : netbios-name-server 192.168.1.100
150 : lease infinite
151 : !
152 : ip dhcp pool CompanyName-CONNIE
153 : import all
154 : host 192.168.1.150 255.255.255.0
155 : client-identifier 0100.188b.7a37.98
156 : client-name CompanyName-CONNIE
157 : default-router 192.168.1.1
158 : dns-server xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
159 : netbios-name-server 192.168.1.100
160 : lease infinite
161 : !
162 : ip dhcp pool CompanyName-KEN
163 : import all
164 : host 192.168.1.151 255.255.255.0
165 : client-identifier 0100.188b.7a0d.2d
166 : client-name CompanyName-KEN
167 : default-router 192.168.1.1
168 : dns-server xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
169 : netbios-name-server 192.168.1.100
170 : lease infinite
171 : !
172 : ip dhcp pool CompanyName-JESS
173 : import all
174 : host 192.168.1.152 255.255.255.0
175 : client-identifier 0000.0000.0001
176 : client-name CompanyName-JESS
177 : default-router 192.168.1.1
178 : dns-server xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
179 : netbios-name-server 192.168.1.100
180 : lease infinite
181 : !
182 : ip dhcp pool CompanyName-CONNIE2
183 : import all
184 : host 192.168.1.153 255.255.255.0
185 : client-identifier 0100.1676.def5.b1
186 : client-name CompanyName-CONNIE2
187 : default-router 192.168.1.1
188 : dns-server xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
189 : netbios-name-server 192.168.1.100
190 : lease infinite
191 : !
192 : ip dhcp pool CompanyName-STEVE
193 : import all
194 : host 192.168.1.154 255.255.255.0
195 : client-identifier 0100.19b9.600d.dc
196 : client-name CompanyName-STEVE
197 : default-router 192.168.1.1
198 : dns-server xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
199 : netbios-name-server 192.168.1.100
200 : lease infinite
201 : !
202 : ip dhcp pool CompanyName-ANDY
203 : import all
204 : host 192.168.1.155 255.255.255.0
205 : client-identifier 0100.1676.ad34.05
206 : client-name CompanyName-ANDY
207 : default-router 192.168.1.1
208 : dns-server xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
209 : netbios-name-server 192.168.1.100
210 : lease infinite
211 : !
212 : ip dhcp pool CompanyName-ERICK
213 : import all
214 : host 192.168.1.156 255.255.255.0
215 : client-identifier 0100.2564.924a.38
216 : client-name CompanyName-ERICK
217 : default-router 192.168.1.1
218 : dns-server xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
219 : netbios-name-server 192.168.1.100
220 : lease infinite
221 : !
222 : ip dhcp pool CompanyName-DONNA
223 : import all
224 : host 192.168.1.157 255.255.255.0
225 : client-identifier 0100.1ec9.2a5d.3b
226 : client-name CompanyName-DONNA
227 : default-router 192.168.1.1
228 : dns-server xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
229 : netbios-name-server 192.168.1.100
230 : lease infinite
231 : !
232 : ip dhcp pool CompanyName-JASON
233 : import all
234 : host 192.168.1.158 255.255.255.0
235 : client-identifier 0100.40ca.951c.73
236 : client-name CompanyName-JASON
237 : default-router 192.168.1.1
238 : dns-server xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
239 : netbios-name-server 192.168.1.100
240 : lease infinite
241 : !
242 : no ip bootp server
243 : ip inspect name Blocked-Websites http urlfilter audit-trail off
244 : ip urlfilter allow-mode on
245 : ip urlfilter exclusive-domain deny www.youtube.com
246 : ip urlfilter exclusive-domain deny www.mlb.com
247 : ip urlfilter exclusive-domain deny www.facebook.com
248 : ip urlfilter exclusive-domain deny www.zynga.com
249 : ip urlfilter exclusive-domain deny www.hulu.com
250 : ip urlfilter exclusive-domain deny www.friendster.com
251 : ip urlfilter exclusive-domain deny espn.go.com
252 : ip urlfilter exclusive-domain deny www.wordpress.com
253 : ip urlfilter exclusive-domain deny www.myspace.com
254 : ip urlfilter exclusive-domain deny www.blogspot.com
255 : ip urlfilter exclusive-domain deny www.typepad.com
256 : ip urlfilter exclusive-domain deny www.nfl.com
257 : ip urlfilter exclusive-domain deny www.twitpic.com
258 : ip urlfilter exclusive-domain deny www.flickr.com
259 : ip urlfilter exclusive-domain deny www.espn.com
260 : ip urlfilter exclusive-domain deny www.megavideo.com
261 : ip urlfilter exclusive-domain deny www.imdb.com
262 : ip urlfilter exclusive-domain deny www.blogger.com
263 : ip urlfilter exclusive-domain deny www.cbssports.com
264 : ip urlfilter exclusive-domain deny www.photobucket.com
265 : ip urlfilter exclusive-domain deny www.match.com
266 : ip urlfilter exclusive-domain deny www.mywebsearch.com
267 : ip urlfilter exclusive-domain deny www.nba.com
268 : ip urlfilter exclusive-domain deny www.twitter.com
269 : ip audit notify log
270 : ip audit po max-events 100
271 : ip ssh break-string
272 : no ftp-server write-enable
273 : !
274 : !
275 : !
276 : !
277 : !
278 : class-map match-any VoIP
279 : match access-group name VoIP
280 : class-map match-any Web-Email
281 : match access-group name Web-Email
282 : !
283 : !
284 : policy-map QoS-VoIP
285 : class VoIP
286 : priority percent 75
287 : class Web-Email
288 : bandwidth remaining percent 25
289 : class class-default
290 : fair-queue
291 : !
292 : !
293 : !
294 : interface Ethernet0
295 : description LAN
296 : ip address 192.168.1.1 255.255.255.0
297 : ip access-group LAN->Router in
298 : ip access-group Router->LAN out
299 : no ip proxy-arp
300 : ip nat inside
301 : fair-queue
302 : no cdp enable
303 : hold-queue 100 out
304 : !
305 : interface Ethernet1
306 : description WAN
307 : bandwidth 6144
308 : ip address dhcp client-id Ethernet1
309 : ip access-group WAN->Router in
310 : ip access-group Router->WAN out
311 : no ip proxy-arp
312 : ip nat outside
313 : ip inspect Blocked-Websites out
314 : service-policy output QoS-VoIP
315 : no cdp enable
316 : !
317 : no ip nat service sip tcp port 5060
318 : no ip nat service sip udp port 5060
319 : ip nat inside source list 100 interface Ethernet1 overload
320 : ip nat inside source static tcp 192.168.1.158 5958 interface Ethernet1 5958
321 : ip nat inside source static tcp 192.168.1.157 5957 interface Ethernet1 5957
322 : ip nat inside source static tcp 192.168.1.156 5956 interface Ethernet1 5956
323 : ip nat inside source static udp 192.168.1.156 3356 interface Ethernet1 3356
324 : ip nat inside source static tcp 192.168.1.156 3356 interface Ethernet1 3356
325 : ip nat inside source static tcp 192.168.1.155 5955 interface Ethernet1 5955
326 : ip nat inside source static tcp 192.168.1.154 5954 interface Ethernet1 5954
327 : ip nat inside source static tcp 192.168.1.153 5953 interface Ethernet1 5953
328 : ip nat inside source static tcp 192.168.1.152 5952 interface Ethernet1 5952
329 : ip nat inside source static tcp 192.168.1.151 5951 interface Ethernet1 5951
330 : ip nat inside source static tcp 192.168.1.150 5950 interface Ethernet1 5950
331 : ip nat inside source static tcp 192.168.1.100 5901 interface Ethernet1 5901
332 : ip nat inside source static udp 192.168.1.100 3389 interface Ethernet1 3389
333 : ip nat inside source static tcp 192.168.1.100 3389 interface Ethernet1 3389
334 : ip nat inside source static udp 192.168.1.100 2883 interface Ethernet1 2883
335 : ip nat inside source static tcp 192.168.1.100 2883 interface Ethernet1 2883
336 : ip nat inside source static udp 192.168.1.100 1723 interface Ethernet1 1723
337 : ip nat inside source static tcp 192.168.1.100 1723 interface Ethernet1 1723
338 : ip nat inside source static udp 192.168.1.100 993 interface Ethernet1 993
339 : ip nat inside source static tcp 192.168.1.100 993 interface Ethernet1 993
340 : ip nat inside source static tcp 192.168.1.100 443 interface Ethernet1 443
341 : ip nat inside source static udp 192.168.1.100 143 interface Ethernet1 143
342 : ip nat inside source static tcp 192.168.1.100 143 interface Ethernet1 143
343 : ip nat inside source static udp 192.168.1.100 135 interface Ethernet1 135
344 : ip nat inside source static tcp 192.168.1.100 135 interface Ethernet1 135
345 : ip nat inside source static udp 192.168.1.100 53 interface Ethernet1 53
346 : ip nat inside source static tcp 192.168.1.100 80 interface Ethernet1 80
347 : ip classless
348 : ip route 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx
349 : no ip http server
350 : no ip http secure-server
351 : !
352 : !
353 : ip access-list extended LAN->Router
354 : permit ip any any
355 : ip access-list extended Router->LAN
356 : permit ip any any
357 : ip access-list extended Router->WAN
358 : permit ip any any
359 : ip access-list extended VoIP
360 : permit tcp any any eq 5060
361 : permit udp any any eq 5060
362 : ip access-list extended WAN->Router
363 : permit tcp any any established
364 : permit udp host 0.0.0.0 host 255.255.255.255
365 : permit udp host 10.1.1.1 host 255.255.255.255
366 : permit udp host xxx.xxx.xxx.xxx any
367 : permit udp host xxx.xxx.xxx.xxx any
368 : permit tcp host 209.209.155.1 any
369 : permit udp host 209.209.140.57 any
370 : permit udp host 209.209.140.58 any
371 : permit udp host 209.209.180.64 any
372 : permit tcp host 209.209.181.11 any
373 : permit icmp host 209.209.181.11 any
374 : permit tcp any any eq www
375 : permit icmp any host xxx.xxx.xxx.xxx
376 : permit udp host 129.6.15.28 any
377 : permit udp any host xxx.xxx.xxx.xxx eq domain
378 : permit tcp any host xxx.xxx.xxx.xxx eq telnet
379 : permit tcp any host xxx.xxx.xxx.xxx eq 135
380 : permit udp any host xxx.xxx.xxx.xxx eq 135
381 : permit tcp any host xxx.xxx.xxx.xxx eq 143
382 : permit udp any host xxx.xxx.xxx.xxx eq 143
383 : permit tcp any host xxx.xxx.xxx.xxx eq 443
384 : permit udp any host xxx.xxx.xxx.xxx eq 443
385 : permit tcp any host xxx.xxx.xxx.xxx eq 993
386 : permit udp any host xxx.xxx.xxx.xxx eq 993
387 : permit tcp any host xxx.xxx.xxx.xxx eq 1723
388 : permit udp any host xxx.xxx.xxx.xxx eq 1723
389 : permit tcp any host xxx.xxx.xxx.xxx eq 2208
390 : permit udp any host xxx.xxx.xxx.xxx eq 2208
391 : permit tcp any host xxx.xxx.xxx.xxx eq 2883
392 : permit udp any host xxx.xxx.xxx.xxx eq 2883
393 : permit tcp any host xxx.xxx.xxx.xxx range 3350 3358
394 : permit tcp any host xxx.xxx.xxx.xxx eq 3389
395 : permit tcp any host xxx.xxx.xxx.xxx range 5950 5958
396 : deny ip any any log
397 : ip access-list extended Web-Email
398 : permit tcp any any eq www
399 : permit tcp any any eq 443
400 : permit tcp any any eq ftp
401 : permit tcp any any eq smtp
402 : permit tcp any any eq pop3
403 : permit udp any any eq domain
404 : permit tcp any any eq 135
405 : permit udp any any eq 135
406 : permit tcp any any eq 143
407 : permit udp any any eq 143
408 : permit tcp any any eq 993
409 : permit udp any any eq 993
410 : permit tcp any any eq 1723
411 : permit udp any any eq 1723
412 : permit tcp any any eq 2883
413 : permit udp any any eq 2883
414 : access-list 100 permit ip 192.168.1.0 0.0.0.255 any
415 : no cdp run
416 : banner login ^C
417 : ***************************************************************************
418 : * CompanyName COMMUNICATIONS, INC. -- LEGAL NOTICE -- YOU MUST READ *
419 : ***************************************************************************
420 : * *
421 : * You must have explicit permission to access or configure this *
422 : * device. All activities performed on this device are logged and *
423 : * violations of this policy may result in criminal prosecution. *
424 : * *
425 : ***************************************************************************
426 : * *
427 : * This system is for the use of authorized users only. Individuals using *
428 : * this computer system without authority, or in excess of their authority,*
429 : * are subject to having all of their activities on this system monitored *
430 : * and recorded by system personnel. *
431 : * *
432 : * *
433 : * Anyone using this system expressly consents to such monitoring and is *
434 : * advised that if such monitoring reveals possible evidence of criminal *
435 : * activity, system personnel may provide the evidence of such monitoring *
436 : * to law enforcement officials. *
437 : * *
438 : ***************************************************************************
439 : * UNAUTHORIZED ACCESS TO THIS NETWORK DEVICE IS PROHIBITED *
440 : ***************************************************************************^C
441 : !
442 : line con 0
443 : exec-timeout 60 0
444 : password 7 13290E115B5D54
445 : login local
446 : no modem enable
447 : transport preferred all
448 : transport output all
449 : stopbits 1
450 : line aux 0
451 : password 7 022A1D585B575F
452 : transport preferred all
453 : transport output all
454 : line vty 0 4
455 : exec-timeout 60 0
456 : password 7 047712055F701C
457 : login local
458 : length 0
459 : transport preferred all
460 : transport input all
461 : transport output all
462 : !
463 : scheduler max-task-time 5000
464 : ntp clock-period 17180125
465 : ntp server 129.6.15.28
466 : !
467 : end

This conversation is currently closed to new comments.

9 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Cisco does not allow "hair-pinning"

by NetMan1958 In reply to Help! Issue with VNC & O ...

This article explains it nicely:
http://blogs.techrepublic.com.com/networking/?p=1140

NOTE: Cisco routers perform "DNS Doctoring" by default and do not need the "dns" keyword in the static NAT config.

If you still have questions, post back as I have encountered this many times.

Collapse -

Didn't work..

by erickcline In reply to Cisco does not allow "hai ...

I am assuming you mean to remove the following line:

345 : ip nat inside source static udp 192.168.1.100 53 interface Ethernet1 53

I tried that and it didn't work. Plus I tried accessing OWA by using just the IP address and it took me to our redirect page which sends you to the https page and there is where you get the IE cannot display the webpage. When I type in http://domain.name.com it gives the page cannot be display and doesn't redirect to https.

Our old router was a consumer Linksys router with port forwarding configured exactly the same way as the cisco router. The pc's were configured with a static ip and dns1 was set to our small business server 192.168.1.100 and ns2 was set as the router 192.168.1.1 or vice versa on some pc's. And it worked great. I hope I didn't confuse you. Thanks!

Collapse -

Here's an article on Hairpinning with Cisco (AKA Tromboning)

by robo_dev In reply to Didn't work..

http://ckdake.com/content/2009/hairpinning-with-a-cisco-asa.html

see the link on the above page that says "another way to do this" that looks more logical and simpler

Collapse -

Nope

by NetMan1958 In reply to Didn't work..

I didn't mean for you to remove "345 : ip nat inside source static udp 192.168.1.100 53 interface Ethernet1 53"
If you do that, the server won't be reachable from the Internet.

What that article explains is that unlike some routers, Cisco doesn't support traffic going from the LAN interface out through the WAN interface and then back in the WAN interface (a.k.a. "hair-pinning") in order to reach a host via it's public/static NAT address. From the LAN side of a Cisco you always have to communicate with a host via it's LAN IP.

The only problem with this is that if you try to communicate with the host via it's name/URL, DNS returns it's public IP. There are 2 ways to get around this:
(1) Go to each host on the network and configure it's hosts file with the name/private IP of all your public servers
(2)
(a) If you are using Active Directory in your network and all of your hosts use your AD server as a DNS server, then that DNS server needs to forward requests for your public domain names to a server outside of your network such as your ISP's or OpenDNS's servers.
(b) If you aren't using Active Directory, then you need to configure your DHCP pools to hand out your ISP's or OpenDNS's server IPs for the DNS servers.
Using (a) or (b) above, the DNS requests for your public hosts go out the WAN interface of your Cisco router and therefore the response comes back in the WAN interface and the Cisco router automatically performs "DNS Doctoring" in which it is aware of the static NAT entry for the public host and changes the IP Address returned in the response packet to the private IP.

Hope that was clear. If not, feel free to ask questions.

Collapse -

Could this just be fixed with some hosts file entries?

by robo_dev In reply to Nope

instead of hairpinning, just redirect the users to the correct IP address with the old fashioned hosts file.

Collapse -

Absolutely

by NetMan1958 In reply to Could this just be fixed ...

and I have done it that way before in a small network. That was option (1) in my reply above. It works great.

Collapse -

Call me crazy but.....

by robo_dev In reply to Help! Issue with VNC & O ...

You're trying to access a LAN device using the WAN address? Why not use the LAN address?

As far as I know you normally cannot do that, since your external interface is not on the same network as your LAN, hopefully....or am I dead wrong on that?

If you're trying to access the devices by DNS name, that's a different problem, since you can fix that with a hosts file.

BTW: don't post any passwords, even encrypted....those are easy to crack.

Collapse -

No your not crazy...I think I am going crazy

by erickcline In reply to Call me crazy but.....

Yes I am trying to access a LAN device using a the WAN ip address. This worked fine when we used the Linksys router. I don't have a problem with using the LAN addresses but we have a handful of employees that need to use it this way because they don't want to remember a lot of addresses and that is what they are use to doing. No I am not trying to access the devices by DNS name. The DNS issue is with our employees trying to access Outlook Web Access internally. Externally it works fine. Thanks for the headsup on the passwords. I thought I removed them. I just now changed them.

Back to Networks Forum
9 total posts (Page 1 of 1)  

Related Discussions

Related Forums