My gateway is asa 5510 version 7.2(4) with ip 192.168.10.254. In my network there is a router 192.168.10.253 which is connected to other networks 192.168.2.0 and 192.168.3.0. There is a static route configured on my asa to direct traffic bound for 192.168.2.0 and 192.168.3.0 to pt to 192.168.10.253. However from my pc i could not access the 2 networks 192.168.2.0 and 192.168.3.0. I thought hairpinning is supported on asa which allows same security traffic in and out the same interface. I added the command "same-security-traffic permit intra-interface" but it doesnt work. Must i also add "global (inside) 1 interface" command?
I also understand that there are admin who does dns rewrite or hairpinning to allow their dns clients to be able to access internal servers using public ip. Which method is better such that there is less overheads in terms of network traffic.
Pls advise. Thks in advance.