Accessing an internally hosted site via it's external IP

Permabanned
Joined
19 Apr 2006
Posts
2,333
Location
West Yorkshire
We have a web server hosted on our internal network, that we need our sales reps to be able to access via the external IP even when they are on internal network.

Obviously they cant do this normally as it means they are going out on and trying to contact the same IP they are leaving the network on.

How can I get round this ? someone mentioned that using an external proxy would make it work, but I am unsure what they mean and they didnt provide any further info.
 
Just out of curiousty, why do they need to access on the external IP? Some sort of logging or is your security set up that way?

An external proxy will simply redirect the users request via the proxy host, and then back again... thus appearing as though the "proxy" requested it (so it would be an external IP)... there's loads of free ones on the net that you could use.
 
The reason is our sales reps willbe using our new website from internally, but they will browse to the url like everyone else, which is fine, then click the client login button, which then takes them to the internally hosted server.

The link is done as an IP i.e http://81.82.83.84, so this section doesnt work when our sales reps come to use it.

I will have a look for the free proxy stuff thanks.
 
You could just add an entry in the hosts file. That's the simplest way, although it'd be a pain to configure it on each PC individually. Worth looking into if you're prepared to do that though.

Edit: Ok scrap that - just read that they try to connect to an IP rather than a domain name.
 
If it was a name and you had a local DNS server, you could avoid configuring it on each machine - just create a zone file for the domain with the name in question pointing at the internal IP, and let whoever handles DNS normally point it at the external IP for anyone on the outside.

Using a proxy, free or otherwise, is a bit of a kludge - not to mention it's unlikely to be secure (especially if you're not running it).
Some routers will do loopback, but the closest to a solution might be persuading them to use a name rather than an IP.
 
If you try to access this IP address from home, can you access it? Is it just being blocked by a firewall/not forwarded to the internal server?
 
Last edited:
ns400r said:
If you try to access this IP address from home, can you acces it? Is it just being blocked by a firewall/not forwarded to the internal server?


Can access it from anywhere just not internally.

As tolien said it's to do with most routers not supporting this "loopback" thing where you cant go out and come back in at the IP you went out on.

I dont fully understand it, but have seen it before.
 
Is it just the sales guy who needs the internal access?

What kit you using?

As mentioned before, if its kit that supports some sort of NAT... and the guy uses the same internal IP whenever he tries to connect, create an ACL and a static NAT translation on the device.... should work?
 
We have a managed network with an external company who have now told us that it wouldnt be possible for this to happen on their kit.

Thanks for the help anyways!
 
Back
Top Bottom