
Can I utilize cisco router features during local to local data transmission?


Cisco router is reachable from the internet, external ports are being forwarded to different inside hosts. From external connection on port 1234, it is being forwarded to an internal host running an app on port 443. This whole can be reached from the internet via

What I need: Be able to reach this host from the inside on port 1234, preferably on the internal IP of the host and not on the external (isp) ip of the router. Currently neither one works.

(this works)
internet --> --> router --> host

(that does not work) hairpinning?! no idea how to set it up
local    --> --> router --> host

(is this possible somehow???? preferred solution)
local    --> --> router --> host

(works but it's not really a solution)
local    --> --> router --> host

I'm using Cisco ISR IOS XE 16.09.


You have multiple questions hidden in your post, I'll try to answer them all. But first look at current "solution" and how it works.

  1. External host tries to reach
  2. Host asks DNS server for IP address of, DNS replies with external IP address of the router.
  3. Host sends data to external IP address:1234, router receives that and
    • forwards data to host
    • NAT used (changed IP address from external IP to local IP)
    • port-forwarding used (changed port 1234 into 443)

You are trying to achieve 3 different things, let's split them:

  1. Connect from local IP address to local IP address. Because they are both in local network in same subnet - you can use how to check, the request will not go to the default gateway (to the router) and instead the host will be contacted directly.

    • To clearly clarify: With mask (/24), You won't be able to send from local IP (e.g. to local IP ( VIA ROUTER unless you move either of host to different IP range/subnet.
  2. Translate into local IP address for local host(s). There are more solutions, one of them is to configure your local DNS server and create type A entry for>local IP. If you don't have one, on your host (PC?), you can edit hosts file.

  3. Last thing is to translate port 1234 into 443. Normally you would do this thing on the router (when going from different subnets). However in this case you are on same local network for both source/destination and this won't help you. There are workarounds, e.g. using Proxy app on your machine.

    • Also there is workaround for Linux machines, you can modify IP table of that machine:
      • iptables -t nat -A OUTPUT -p udp --dport 1234 -j DNAT --to-destination
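The "proxy app on your machine" workaround from point 3, sketched as an added example that is not part of the original answer: a small relay that listens on local port 1234 and passes each connection to port 443 on the internal host. It assumes the app speaks TCP; the internal host's IP is not given on the page and is passed in as an argument, and `start_forwarder` is a name chosen for this example.

```python
import asyncio
import sys

LISTEN_PORT = 1234   # port the local clients connect to (from the question)
TARGET_PORT = 443    # port the app listens on (from the question)

async def _pipe(reader, writer):
    """Copy bytes one way until EOF, then pass the half-close on."""
    try:
        while data := await reader.read(65536):
            writer.write(data)
            await writer.drain()
        if writer.can_write_eof():
            writer.write_eof()
    except OSError:
        writer.close()   # peer reset: tear down the other side as well

async def start_forwarder(target_host, target_port=TARGET_PORT,
                          listen_host="127.0.0.1", listen_port=LISTEN_PORT):
    """Relay every TCP connection on listen_port to target_host:target_port.

    Binds to loopback by default so the relay is not exposed to the LAN.
    The bytes are copied unchanged, so TLS still terminates on the app.
    """
    async def handle(client_r, client_w):
        try:
            up_r, up_w = await asyncio.open_connection(target_host, target_port)
        except OSError:
            client_w.close()   # internal host unreachable: drop the client
            return
        try:
            await asyncio.gather(_pipe(client_r, up_w), _pipe(up_r, client_w))
        finally:
            up_w.close()
            client_w.close()

    return await asyncio.start_server(handle, listen_host, listen_port)

async def main(target_host):
    server = await start_forwarder(target_host)
    async with server:
        await server.serve_forever()

if __name__ == "__main__":
    # Usage: python forward.py <internal-host-ip>   (file name is hypothetical)
    asyncio.run(main(sys.argv[1]))
```

With the relay running, a client on the same machine connects to 127.0.0.1:1234 and the traffic goes straight to the internal host on the LAN without passing through the router.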
