Unable to browse by IP if destination NAT is used

Unanswered Question
Jun 9th, 2010
User Badges:

Hi,


I am using an ASA between our organisation and another. This link is used for many things, including http. If I browse to the actual IP of the server I have no problem - http://20.1.1.20, however if I configure destination NAT, so the web server is presented as a differnet IP to us, it no longer works - http://10.10.10.10. I noticed that the host field in the http request remains as the actual IP I browsed to - 10.10.10.10. Is this the correct behaviour. Should the ASA NAT this? I don't have a problem if I browse by name.


PC-------(in)ASA(out)----------Web-Server


PC = 10.1.1.1

Web-Server = 20.1.1.20

static(out, in) 10.10.10.10 20.1.1.20


Thanks.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Federico Coto F... Thu, 06/10/2010 - 06:51
User Badges:
  • Green, 3000 points or more

Hi Phil,


After doing the destination NAT:

static(out, in) 10.10.10.10 20.1.1.20


Can you PING 10.10.10.10 from the PC?

What does a Packet-Tracer show us?


Federico.

phil-nicaud Thu, 06/10/2010 - 07:26
User Badges:

The issue is with the other organisation. They are dropping/ignoring packets with a HTTP Host field that they don't expect ie of the new IP I"m using. If I use the name it's fine.


I am simply asking whether it's normal to not NAT the HTTP Host field. I'm pretty sure it is, but wanted to double check.

Actions

This Discussion

Related Content