asa traffic allow problem

Unanswered Question
Mar 12th, 2008
User Badges:

Thanks in advance

I want to access my public ip from internal network, but cisco asa firewall drops the packet.Scenario is like follows

One of server is natted to one public IP on Cisco asa firewall.everything is working fine from outsidethe network ,but we can not access that natted public ip from internal network.I know its a normal behavior of cisco asa,which is drop the packet.Is their any way that i can access that natted public ip from internal network because i can't configure destination natting because my server and clinet are on same internal interface.also doctoring dns feature can not confgure because i access that server with ip not with dns name

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
brettmilborrow Wed, 03/12/2008 - 09:10
User Badges:

Configuring this is possible:

try this:

same-security-traffic permit intra-interface

static (inside,inside) public_ip private_ip netmask

abinjola Wed, 03/12/2008 - 09:47
User Badges:
  • Cisco Employee,

Hairpinning for Clear text traffic is available from 7.2.2 onwards. so make sure you have you the required version

The commands suggested to you looks good , however you also need natting of source, therefore the entire set of commands is :-

nat (inside) 1 0 0

global (inside) 1 interface

static (inside,inside)


This Discussion