Hi all,
Need to access the switch which is behind the controller from an external network.
The setup is as follows:
=- 7000 series controller using 6.5 OS
=- PC1 is present in the external network
=- In the other location, we have ISP which is connected to controller then we have a switch
=- Switch's DG is the controller and controller's DG is the ISP
=- ISP has 1 public IP and even the controller has 1 public interface
=- Switch has private IP which is different from the controller subnet but controller has the switch's subnet as well
=- PC1 from an external network is now able to access the controller by typing the public IP present in the controller
=- Similarly, we are trying to access the switch which is behind the controller by typing <x.x.x.x controller's public IP>:random port no. Eg: 25.25.25.25:5000. When I type this, we should get the switch page
=- Am able to ping the controller's public interface from the external network
=- Am able to ping the switch from the controller and vice versa
==========================
Configuration
````````````````````
=- I have created a port based acl and mapped it to the controller's uplink as follows
=- Let's consider 25.25.25.25 as public interface in the controller and 5000 as random port to open the switch. 0/0/1 is the controller's uplink.
(config) #ip access-list session t-acl
(config-sess-t-acl)#any host 25.25.25.25 tcp 5000 dst-nat ip 10.0.0.5 5000
(config-sess-t-acl)#exit
(config) #interface gigabitethernet 0/0/1
(config-if)#ip access-group test-acl session
(config-if)#exit
=- So now from an external network, I should be able to access the switch by typing 25.25.25.25:5000 in the URL but it doesn't work
=- Site cannot be reached.
Any help will be of great help as this is something very important.
Thank you in advance
Regards,
PS.