cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
393
Views
0
Helpful
4
Replies

Accessing DMZ webserver from inside using public IP

shortnathan
Level 1
Level 1

Hi,

I have an ASA 5510 with a webserver in the dmz that is accessible to the outside from it's public IP (thanks to some help here yesterday), but not to the inside interface. I think I'm setting up the static NAT incorrectly.

The public IP is xx.xx.184.88 and the real IP is 172.16.0.176. I would like to use the public to view it from the inside interface. How would I configure that?

1 Accepted Solution

Accepted Solutions

Sure that would be fine. You should have something like...

static (inside,dmz) 10.39.239.0 10.39.239.0 netmask 255.255.255.0

View solution in original post

4 Replies 4

acomiskey
Level 10
Level 10

static (dmz,inside) xx.xx.184.88 172.16.0.176 netmask 255.255.255.255

or

static (dmz,inside) tcp xx.xx.184.88 www 172.16.0.176 www netmask 255.255.255.255

Hope it helps.

That moved the problem. Now I'm getting a "305006 partmap translation creation failed for tcp src inside:10.39.239.107/2198 dst dmz:xx.xx.184.88"

Should I post the config? Thanks!

Sure that would be fine. You should have something like...

static (inside,dmz) 10.39.239.0 10.39.239.0 netmask 255.255.255.0

That fixed it, thanks!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: