Routes for internal hosts with public DNS entries not working, VOIP issues.

Unanswered Question
Oct 13th, 2009

Using an ASA 5505

One of the big problems that I already know about is that we currently aren't using a DMZ. This will change in the upcoming months as we get the necessary hardware to pull our main DB away from the web server that hosts it so that we can host the DB in the server farm instead of in the DMZ. (We're a non-profit so we're having to do as much as possible with as little as possible.)

What I'm attempting to do is allow the web servers, pbx, chat server and other servers that SHOULD be in the DMZ sit inside the LAN in the Data Center (site1) and use DNS rewrite to stop the NAT rules for inbound traffic. This doesn't appear to be working. I can ping the servers by their external IP and if I'm on the 192.168.100.X subnet then I can see the DNS rewrite actually taking place (ping to DNS name results in local IP), but if I go from one of the other subnets that's connected via MPLS I'm unable to see the DNZ rewrite take place. So traffic from 192.168.110.X subnet tries to hit the public IP address not the internal web server IP address on 192.168.100.X subnet.

One of the other major issue that we're having is that it seems like the PBX keeps losing communication with our SIP lines. I'm not certain if I should adjust the timers or just disable the timeout for SIP. This seems to be causing us to have to reboot the PBX multiple times to restore the trunks.

Speaking of trunks, SITE2 (192.168.120.0) isn't being seen by the PBX when calls are made it tries to roll through the various trunks with no success.

Full config is attached. Any help is greatly appreciated as it means we get the current netgear junk out of the cabinet quicker.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion