cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
293
Views
4
Helpful
2
Replies

asa traffic allow problem

san_dec21
Level 1
Level 1

Thanks in advance

I want to access my public ip from internal network, but cisco asa firewall drops the packet.Scenario is like follows

One of server is natted to one public IP on Cisco asa firewall.everything is working fine from outsidethe network ,but we can not access that natted public ip from internal network.I know its a normal behavior of cisco asa,which is drop the packet.Is their any way that i can access that natted public ip from internal network because i can't configure destination natting because my server and clinet are on same internal interface.also doctoring dns feature can not confgure because i access that server with ip not with dns name

2 Replies 2

brettmilborrow
Level 1
Level 1

Configuring this is possible:

try this:

same-security-traffic permit intra-interface

static (inside,inside) public_ip private_ip netmask 255.255.255.255

Hairpinning for Clear text traffic is available from 7.2.2 onwards. so make sure you have you the required version

The commands suggested to you looks good , however you also need natting of source, therefore the entire set of commands is :-

nat (inside) 1 0 0

global (inside) 1 interface

static (inside,inside)

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: