this thread is not about how to get local webserver running. I have it running. Well, I needed to do it quickly, so I hacked double dst-nat thru two of our nodes, but it works, except the fact, that I can’t access web server from local nework.
Now from MUM docs, I can see we had is as an “Advanced NAT problem” scenario, but I can’t remember, what was said we have to do.
well:
I could add to windows hosts file static IP, or I could add static entries into DNS server probably, but how to do it other way?
so:
internet —> 123.123.123.123 main-router 10.0.10.1-----> 10.0.10.10 webserver | 10.0.10.20 PC1
Now how to access from PC1 to webserver? What happens to packet? It surely asks DNS, and it tells PC1, that webserver is at 123.123.123.123 public IP. So it goes there. Then there is DST nat applied, so maybe even webserver is reached, but imo the answer is not delivered and my suspicion is, that somehow NAT is involved. It will imo go back to main router, and it will be given back 123.123.123.123 address and dropped? So is it solvable, without assigning web server public IP?
To get it working under 2.9.x, I had to add another dst-nat rule which specified my local network as the in-interface and the dst-address of the webserver in question. Try this rule and see if it works for you:
it does seem to work The trick is not let local network request to go to public interface, but catch it incoming to main router, and dst-nat it to the server directly.
You can use this two example rules, that's make redirect to your ip webserver [10.0.10.10] for destination Lan and from outside [123.123.123.123] too and included default MT WEB INTERFACE disappear, i mean everything from input for destination address at port 80:
