No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Why the PC Cannot Access the Private Network Server Through the Domain Name

Publication Date:  2012-07-27 Views:  52 Downloads:  0
Issue Description
When the nat dns-map www.jiaoyu.com 202.1.1.101 80 tcp command is not run on the router, why the PC cannot access the private network server through the domain name? This case corresponds to the low-end and middle-range routers in the VRP3.40 version. 
 
Alarm Information
Null 
Handling Process
When the nat dns-map www.jiaoyu.com 202.1.1.101 80 tcp command is not run on the router, the PC access the private network server as follows (Suppose the IP address of the PC is 192.168.0.10, the IP address of the private network server is 192.168.0.20, and the IP address of the corresponding public network is 222.111.1.2):1. When the PC accesses the server through the domain name, the DNS returns the public network address 222.111.1.2 of the server. Therefore, the source IP address of the TCP connection sent by the PC is the private network IP address of the PC, and the destination IP address is the public network IP address of the server, that is, the source IP address is 192.168.0.10 and the destination IP address is 222.111.1.2.
2. On the router, this packet replaces the destination IP address with the private network IP address being 192.168.0.20 of the server and the request packet reaches the server. In the response packet sent by the server, the source IP address is the private network IP address of the server, and the destination IP address is the private network IP address of the PC, that is, the destination IP address is 192.168.0.10 and the source IP address is 192.168.0.20.
3. The response packet can reach the PC but cannot access the server. Because the source IP address of the response packet is the private network IP address of the server instead of the destination IP address when the request is originated, and the TEC connection is regarded as failed.
4. Run the nat dns-map command, and then when the PC accesses the server with the domain name, the DNS returns the private network IP address of the server and a TCP connection is set up successfully. 
 
Root Cause
Null 
Suggestions
Null 

END