NAT help

Unanswered Question
Dec 14th, 2009
User Badges:


We have an internal webserver which is available from the internet via a public IP using a static NAT.  This server sits in it's own VLAN off our ASA using a sub-interface (trunk into a switch). Our developers have asked if our internal users could also use this public IP to access the server?  It will save them lots of re-programming apparently, is this possibe?

So if I wanted to get to this public IP (which is on the ASA anyway), it doesn't go out to the internet, but maybe just NAT's to this internal IP?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Andy White Mon, 12/14/2009 - 06:44
User Badges:

Would a NAT work, I looked at you link and it looks very similar to a NAT.

I trid to do a Static NAT, but the packet trace should the trafic going out to the internet which I don't want happening:

info example:


inside (

outside (

VLAN1 (172.25.1.x)

VLAN2 (192.168.15.x)

Currently we have a NAT for > from the Outside to VLAN2 web server.  We want VLAN2 to ba able to contact and not go out on the global IP.  I added 'static (VLAN1,VLAN2) netmask dns tcp 0 0 udp 0' but the traffic goes to the outside.

I thought anything on VLAN1 trying to get to would translate to


This Discussion