Skip to main content

question on NAT box

More
15 years 1 month ago #32425 by ceaser
question on NAT box was created by ceaser
Why is it that an HTTP Client (eg Mozilla, Firefox ) works very well behind a NAT box but a webserver does not?
More
15 years 1 month ago #32426 by Kajitora
Replied by Kajitora on topic Re: question on NAT box
Ceaser,

I am making the assumption that you are talking about a many to one(You have one public ip address that many computer use to talk to the internet). Its all about which way the connection is coming from. Let me give an example.

Assume the following:
(PC) - > (Private)(Router W/NAT)(Public) - > Website

So your PC, with a private Ip address gos to talk to the website. It sends the packet to your router which then records that conversation in its translation table and drops the private ip address to replace it with its public one. It uses the Source port on the packet to keep track of it.

Lets now reverse

(Webserver) <- (Private)(Router W/NAT)(Public) <- (PC)

Your PC still needs to talk to the Public Ip address of the router, but when the router receives the packet it does not know which Private IP address to send it to.

But you are not with out a solution! You can use port forwarding on your router to forward any traffic with the destination port of 80 (HTTP) to the private ip address of your webserver. This normally works pretty well for me. If you need assistance let us know what kind of hardware you are using and we can advice further.
itgamers.blogspot.com
More
15 years 1 month ago #32427 by S0lo
Replied by S0lo on topic Re: question on NAT box
It can work very well for a web server too, but it requires a port/IP forwarding configuration (which usually doesn't come by default). Once it's configured correctly it can work smoothly.

I might have misunderstood your question, if so, please explain ceaser.
Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx
More
15 years 4 days ago #32729 by katzebnt
Replied by katzebnt on topic DMZ works as well...

It can work very well for a web server too, but it requires a port/IP forwarding configuration (which usually doesn't come by default). Once it's configured correctly it can work smoothly.

I might have misunderstood your question, if so, please explain ceaser.


Agree with S0lo, port forwarding works well. You can also put your server in the router's DMZ. Be warned though that you're really putting your server out in the open, be sure to enable firewall, virus protection if necessary, etc. Hope this helps as well. :)
Time to create page: 0.121 seconds