Unable to browse by IP if destination NAT is used

Unanswered Question
Jun 9th, 2010

Hi,

I am using an ASA between our organisation and another. This link is used for many things, including http. If I browse to the actual IP of the server I have no problem - http://20.1.1.20, however if I configure destination NAT, so the web server is presented as a differnet IP to us, it no longer works - http://10.10.10.10. I noticed that the host field in the http request remains as the actual IP I browsed to - 10.10.10.10. Is this the correct behaviour. Should the ASA NAT this? I don't have a problem if I browse by name.

PC-------(in)ASA(out)----------Web-Server

PC = 10.1.1.1

Web-Server = 20.1.1.20

static(out, in) 10.10.10.10 20.1.1.20

Thanks.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Federico Coto F... Thu, 06/10/2010 - 06:51

Hi Phil,

After doing the destination NAT:

static(out, in) 10.10.10.10 20.1.1.20

Can you PING 10.10.10.10 from the PC?

What does a Packet-Tracer show us?

Federico.

phil-nicaud Thu, 06/10/2010 - 07:26

The issue is with the other organisation. They are dropping/ignoring packets with a HTTP Host field that they don't expect ie of the new IP I"m using. If I use the name it's fine.

I am simply asking whether it's normal to not NAT the HTTP Host field. I'm pretty sure it is, but wanted to double check.

Actions

This Discussion

Related Content