i have an ASA 5510
i have an exchance owa server that gets all traffic from 1 IP on 1 interface (and then firewall allows only HTTPS)
I need this owa server to be able to access its own hosted website from its external adderss, which right now it cant.
so say from server i go to https://external.domain.com/exchange
this times out
it works ok from other computers, that do not have the ASA as they're default gateway. so the server is working and ports are forwarding correctly.
I ticked "DNS rewrite" on the static NAT rule but still not working.
So seems that you have a software that still uses the older NAT format since you are running 8.2 (big change from 8.3 onwards)
I am kind of wondering if this will work since usually people are asking a solution for similiar case but there the requirement is that the Internal hosts can contact the server using the public IP address.
If I were to presume the following starting information for these configurations
- Interfaces named "inside" and "outside"
- Public IP 22.214.171.124 Local IP 192.168.10.10
- Existing Dynamic PAT configuration for the network 192.168.10.0/24 using ID 1 and PAT IP address is the "outside" interface IP address
Then the current configuration (part of it) might be this
global (outside) 1 interface
nat (inside) 1 192.168.10.0 255.255.255.0
static (inside,outside) 126.96.36.199 192.168.10.10 netmask 255.255.255.255
I would then probably try to add the following
global (inside) 1 interface
static (inside,inside) 188.8.131.52 192.168.10.10 netmask 255.255.255.255
And make sure the following setting is enabled on the ASA
same-security-traffic permit intra-interface