asa traffic allow problem

Unanswered Question
Mar 12th, 2008

Thanks in advance

I want to access my public ip from internal network, but cisco asa firewall drops the packet.Scenario is like follows

One of server is natted to one public IP on Cisco asa firewall.everything is working fine from outsidethe network ,but we can not access that natted public ip from internal network.I know its a normal behavior of cisco asa,which is drop the packet.Is their any way that i can access that natted public ip from internal network because i can't configure destination natting because my server and clinet are on same internal interface.also doctoring dns feature can not confgure because i access that server with ip not with dns name

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
brettmilborrow Wed, 03/12/2008 - 09:10

Configuring this is possible:

try this:

same-security-traffic permit intra-interface

static (inside,inside) public_ip private_ip netmask 255.255.255.255

abinjola Wed, 03/12/2008 - 09:47

Hairpinning for Clear text traffic is available from 7.2.2 onwards. so make sure you have you the required version

The commands suggested to you looks good , however you also need natting of source, therefore the entire set of commands is :-

nat (inside) 1 0 0

global (inside) 1 interface

static (inside,inside)

Actions

This Discussion