A rule on a Cisco router does not work from another subnet: how to solve this?

Good day,

here's the port forwarding I have:
ip nat inside source static tcp 172.16.1.5 53 xxx.xxx.xxx.xxx 53 extendable
ip nat inside source static udp 172.16.1.5 53 xxx.xxx.xxx.xxx 53 extendable
ip nat inside source static tcp 172.16.1.10 80 xxx.xxx.xxx.xxx 80 extendable


Network #1: 172.16.1.0

interface GigabitEthernet0/0
description LAN
mac-address 68b5.99b7.bd85
ip address 172.16.1.1 255.255.0.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed 100
WAN: xxx.xxx.xxx.xxx
interface GigabitEthernet0/1
mac-address f80f.41f2.f81b
no ip address
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
Network #2: 192.168.1.0

interface GigabitEthernet0/2
ip address 192.168.1.112 255.255.255.0
ip mtu 1492
ip nat inside
ip virtual-reassembly in
duplex full
speed 100


DNS does not work between networks #1 and #2, or is something wrong with the rules?
Hosts 172.16.1.10
June 10th 19 at 15:25
2 answers
June 10th 19 at 15:27
On forwarding DNS: add the no-payload flag, otherwise the Cisco goes into the DNS packets and replaces the address in the results. That is how one of our private 192.168 addresses ended up in a public DNS cache; it was fun troubleshooting.

As for "not working": do packets from 192.168.1.0 to 172.16.1.0 get through?
Yes, hosts open by IP, but not through the domain name - dylan56 commented on June 10th 19 at 15:30
And where is DNS configured in the network? - sadie_Hop commented on June 10th 19 at 15:33
DNS is configured at the hosting; the IP address of my router is listed there.
Before that, everything worked like this:
ip nat inside source static tcp 172.16.1.10 xxx.xxx.xxx.xxx extendable
without specifying the port, and after declaring the port
ip nat inside source static tcp 172.16.1.10 80 xxx.xxx.xxx.xxx 80 extendable
network #2 cannot see it through the domain name. By IP it opens. - dylan56 commented on June 10th 19 at 15:36
You seem to have a situation where the packets "to" go to xxx.xxx, and the replies come from 172.16.1.10, which means you need DNS aliasing inside, so that the address the web server sits on resolves inside to 172.16.1.10. Before, it resolved through the outside: with port forwarding of the entire PC, NAT for this IP address performed DNS rewrite, and when you queried your own external DNS from inside the network you received the internal address 172.16.0.11. Now you get the external address from the same DNS, so the DNS configuration needs to be fixed. In your case I would set up a DNS server for internal needs (the domain name there, something like that), with the external one on the 172.16.1.5 address used as a forwarder, and set static addresses for the hosts of the internal networks. - sadie_Hop commented on June 10th 19 at 15:39
June 10th 19 at 15:29
Do you have both networks on the same router?
Yes - dylan56 commented on June 10th 19 at 15:32
If both networks are on the same router, then they do not need port forwarding; all the ports will be open to them. If the DNS is the provider's, then your router's NAT rules will redirect the DNS request to 172.16.1.5 and the requester will not receive a response. Remove the NAT rules for DNS and check. - sadie_Hop commented on June 10th 19 at 15:35
