Web server on Cisco 827 and Cisco 1900 switch

[DManigo]

Running-config
ip dhcp pool cisco
network 192.168.1.0 255.255.255.0
domain-name sprinthsd.net
dns-server 207.217.126.81 207.217.77.82 207.217.120.83
default-router 192.168.1.1
!
no ip dhcp-client network-discovery
bridge irb
!
interface Ethernet0
ip address 192.168.1.1 255.255.255.0
ip nat inside
!
interface ATM0
no ip address
no atm ilmi-keepalive
pvc 8/35
encapsulation aal5snap
!
bundle-enable
dsl operating-mode auto
bridge-group 1
!
interface BVI1
ip address 63.162.201.72 255.255.255.0
ip nat outside
!
ip classless
ip route 0.0.0.0 0.0.0.0 63.162.201.1
ip http server
!
ip nat inside source list 1 interface BVI1 overload
access-list 1 permit 192.168.1.0 0.0.0.255
bridge 1 protocol ieee
bridge 1 route ip

I have a 1924-EN switch connected to the 827 router. My network can access the internet just fine. My webserver (which is on the 1900 series switch) can access the net, but the outside cannout access hosted sites. The webserver is statically assigned 192.168.1.3....where am I going wrong
through reading the forums, I'm assuming the issue is within the access-list. I can add an extended access-list ( ip nat inside source static tcp 192.168.1.1 80 63.162.201.1 80 extendable) the command is accepted but still cannot access the site from the outside.
I appreciate the help

 

[JOAMON]

Entered incorrectly
Reads:
ip nat inside source static tcp 192.168.1.1 80 63.162.201.1 80 extendable

Should be:
ip nat inside source static tcp 192.168.1.3 80 63.162.201.1 80 extendable

The way you have listed would extend the router to the internet .1 instead of the server .3

 

[JOAMON]

By the way if you have extra ip routeable addresses in your ip block you might consider extending the web server using one of them instaed of your router outside address.

 

[DManigo]

<joamon>

I enetered the string. Lost telnet connection ( I was at work doing this) When I got home, I entered through console cable now al I get is >> rommon 1>
What happened? I can type "?" diplaying available commands but I cannot get to my startup-config to view anything.

rommon 1 > ?
alias set and display aliases command
boot boot up an external process
break set/show/clear the breakpoint
confreg configuration register utility
cont continue executing a downloaded image
context display the context of a loaded image
cookie display contents of cookie PROM in hex
dev list the device table
dir list files in file system
dis display instruction stream
dnld serial download a program module
frame print out a selected stack frame
help monitor builtin command help
history monitor command history
meminfo main memory information
repeat repeat a monitor command
reset system reset
set display the monitor variables
stack produce a stack trace
sync write monitor environment to NVRAM
sysret print out info from last system return
tftpdnld tftp image download
unalias unset an alias
unset unset a monitor variable
xmodem x/ymodem image download
rommon 2 >

 

[DManigo]

<btw> I recieve this error trying "reset"

loadprog: bad file magic number: 0x0
boot: cannot load "flash:"þ
System Bootstrap, Version 12.1(1r)XB1, RELEASE SOFTWARE (fc1)
Copyright (c) 2000 by cisco Systems, Inc.
C827 platform with 16384 Kbytes of main memory

 

[JOAMON]

Looks like router reset on you and has some sort of problem with the flash file system. Does it come back to the same prompt after you power cycle the router?

 

[DManigo]

yes sir,

 

[JOAMON]

That is strange.....booting into rommon mood either indicates a problem with the IOS image or the flash itself. Were there any other problems like caused by a power failure..microwave clock blinking...clock radios off...etc...

 

[JOAMON]

Just noticed something else. You need to extend your server to the outside address of your router and not the ISP gateway. Do you have additional IP routeable addresses available? If so then you way want to map one of them as to still allow ip http access to the outside interface of your router.
Also with DHCP running I do not see and exclude for the router ethernet interface.
ip dhcp excluded-address 192.168.1.1

 

[DManigo]

Nope, no power outages or anything like that. The router was perfomring fine until I added that string to the running-config. that's when I lost telnet access. Got home and noticed the entire config was erased, I think the IOS has to be installed. As you see, I am a complete newbie to the Cisco world. I am CCO registered but don't have permission to access IOS dwonloads. I am stuck at this point.

 

[DManigo]

I was thinking about adding a second static IP to my account
(guess it wasn't a bad idea) As for IOS upgrades, how can obtain the current IOS software for the C827?

 

[JOAMON]

How much ram and flash memory does your router have and is an 827 or 827h?

 

[JOAMON]

Below is a link to the download page for IP Plus ios for 827 router....your CCO login should let you in...if not let me know were to send it...I have similiar router that uses same IOS.

 

[JOAMON]

You dont really nned the additional address but can only extend 1 web enabled device to the outside interface of your router. Cannot do http to router and server at same address.
Also here is link forgot in last post

http://www.cisco.com/cgi-bin/Softwa...20-sy6-mz.123-11.T3.bin&code=&tbtype=&crypto=

 

[DManigo]

Cisco827-4V
Main memory size: 16 MB.
Available main memory starts at 0x1b000, size 16276KB
IO (packet) memory size: 25 percent of main memory.
NVRAM size: 128KB

 

[DManigo]

My CCO is deneying me access. Please send to (5thborocs@earthlink.net)
Also
you said "You need to extend your server to the outside address of your router and not the ISP gateway. Do you have additional IP routeable addresses available? If so then you way want to map one of them as to still allow ip http access to the outside interface of your router"
I am lost as to what you mean (NEWBIE ALERT) please explain further.

I really appreciate your attention to my issue, it is appreciated, greatly !!

 

[JOAMON]

Well early on you list the following:
ip nat inside source static tcp 192.168.1.1 80 63.162.201.1 80 extendable)
Then I list that if your server was 192.168.1.3 then it needed to be:
ip nat inside source static tcp 192.168.1.3 80 63.162.201.1 80 extendable)
However I did not notice that you listed your ISP gateway as were it would be extended...should have been:
ip nat inside source static tcp 192.168.1.3 80 63.162.201.72 80 extendable)
What this does is put your server port 80 accessable to http access by enterying 63.162.201.72 in the web browser of a remote machine.

On its way...hope it works out for you...

 

[JOAMON]

Dont forget to put the following in when you are back online:
ip dhcp excluded-address 192.168.1.1

 

[DManigo]

ah, ok, I understand now...and thank you so much for the flash
do I need to unzip it to a designated folder before loading to flash

 

[JOAMON]

Below is a link that you will find useful

http://www.cisco.com/en/US/products...figuration_guide_chapter09186a0080118d19.html

Also here is a link for a free tftp server

http://www.solarwinds.net/Tools/Free_tools/TFTP_Server/