No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

CLI-based Configuration Guide - IP Service

AR500, AR510, AR531, AR550, AR1500, and AR2500 V200R010

This document describes the concepts and configuration procedures of IP Service features on the device, and provides the configuration examples.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
External Hosts Fail to Access Internal Servers

External Hosts Fail to Access Internal Servers

Fault Description

This fault is commonly caused by one of the following:

  • The NAT server is configured on an incorrect interface such as an outbound port or other unrelated interfaces. The NAT server must be configured on the inbound interface of an external host that connects to the internal network.
  • The NAT server configuration is incorrect. For example, the corresponding public and private IP addresses of internal servers are incorrect, and private ports and enabled ports of internal servers are different.

Procedure

  1. Check whether services on the internal NAT server are running properly.

    When the external network cannot access the internal NAT server, check whether services such as HTTP server and FTP server are enabled on the internal NAT server. Access the internal NAT server from an internal host to check whether the services are running properly.

    • If services on the internal NAT server are not running properly, enable the services.
    • If services on the internal NAT server are running properly but the fault persists, go to step 2.

  2. Check that the NAT server is configured correctly.

    Run the display nat server command on the device to check that the NAT server is configured on the correct NAT interface and the correct protocol type, interface number, and IP address are configured.

    [Huawei] display nat server 
      Nat Server Information:                                                       
      Interface  : GigabitEthernet 2/0/0                                             
        Global IP/Port     : 1.1.1.1/80 (www)                                  
        Inside IP/Port     : 192.168.0.100/8080                                      
        Protocol : 6(tcp)                                                         
        VPN instance-name  : ---- 
        Acl number         : ----                                                  
        Vrrp id            : ----                                                   
        Description : ----
      Total :    1  
    

    Ensure that the mapped internal address and interface are correct. When some services such as FTP and TFTP transmit data packets, several interfaces (some of them are randomly generated) are used. Therefore, to configure the NAT server providing such services, cancel the limitation on the ports so that the internal server can provide services normally.

    • If the NAT server is configured incorrectly, reconfigure the NAT server.
    • If the NAT server is configured correctly but the fault persists, go to step 3.

  3. Check the connection between the external host and NAT server and the configurations of the connected ports.

    Check that the IP address of the outbound interface on the NAT server is correct and the external IP address of the NAT server is correct. The IP addresses cannot conflict with the addresses on other network segments. Ping the external interface of the NAT server on an external host. Ensure that the external host can ping the NAT server successfully.

    • If the external host cannot connect to the NAT server, check the connection.
    • If the external host and NAT server are connected correctly but the fault persists, go to step 4.

  4. Check that the internal NAT server is configured with the correct gateway address or route.

    The internal NAT server must be configured with the correct route or gateway address so that packets destined for the external host can be sent to the gateway.

    • If the gateway address or route on the internal NAT server is configured incorrectly, reconfigure it.
    • If the gateway address or route on the internal NAT server is configured correctly but the fault persists, contact technical support personnel.

Translation
Download
Updated: 2019-05-20

Document ID: EDOC1100034231

Views: 82403

Downloads: 54

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next