ASA 5505 8.4(2) allow internal user to access internal www server with only one public IP
I tried the solution posted at https://supportforums.cisco.com/message/3390056#3390056 however it did not work on my ASA5505 8.4(2). I thought that it may be because I only have a single public address so the web server is responding to port forwarding through the one public IP already. looking in ASDM it appears to indicate that a configured access list is blocking the server from responding to the internal hosts.
object network Private_IP
object network Public_IP
object-group network internal_net
network-object 192.168.1.0 255.255.255.0
access-list outside_access_in extended permit tcp any host 192.168.1.15 eq www
Re: ASA 5505 8.4(2) allow internal user to access internal www s
Thanks much. That did fix the problem for internal host however it cut off the external too. I can play with the internal range and try to see if that fixes it. I could post the full sh run but it takes some time to change all the sensitive stuff - maybe this evening if I still don't have it working.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...