Got it

[Troubleshooting Series] Case 47 Users from internet can’t get access to the server in lan side

651 0 0 0 0

Physical Network Topology



Fault Description

AR2 can visit server via https.AR1 and AR2 learn the route via BGP protocol.

AR2 Can not get access to the private server

Configuration Files

l   AR

 sysname Router                                                                              
acl number 2000                                                                 
 rule 5 permit                                                                                              
interface GigabitEthernet0/0/1
 ip address                                           
interface GigabitEthernet0/0/2    
 ip address
 nat outbound 2000 
bgp 100
 peer as-number 65009
 ipv4-family unicast
 peer enable

Troubleshooting Procedure

                               Step 1      Checking whether AR2 can ping AR1:


                               Step 2      AR2 can’t ping AR1, we should check the routing-table. Check the route is correct or not. If not, we should modify it first. And make sure AR2 can ping AR1, pc can ping AR1.

                               Step 3      After Pc can ping AR1. Let’s try to visit the website on PC.

                               Step 4      If the pc can’t visit the website. We should check the nat configuration on AR1. In this scenario, we should configure a nat static/server on AR1.


Root Cause

First, there’s no route from AR1 to AR2, so AR2 can’t ping AR1.

If AR2 want to visit private server, AR1 should do a nat static/server to make the private server visible form AR2.

  • x
  • convention:


You need to log in to comment to the post Login | Register

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits


Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Please bind your phone number to obtain invitation bonus.
Information Protection Guide
Thanks for using Huawei Enterprise Support Community! We will help you learn how we collect, use, store and share your personal information and the rights you have in accordance with Privacy Policy and User Agreement.