Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

asa traffic allow problem

Thanks in advance

I want to access my public ip from internal network, but cisco asa firewall drops the packet.Scenario is like follows

One of server is natted to one public IP on Cisco asa firewall.everything is working fine from outsidethe network ,but we can not access that natted public ip from internal network.I know its a normal behavior of cisco asa,which is drop the packet.Is their any way that i can access that natted public ip from internal network because i can't configure destination natting because my server and clinet are on same internal interface.also doctoring dns feature can not confgure because i access that server with ip not with dns name

2 REPLIES
New Member

Re: asa traffic allow problem

Configuring this is possible:

try this:

same-security-traffic permit intra-interface

static (inside,inside) public_ip private_ip netmask 255.255.255.255

Cisco Employee

Re: asa traffic allow problem

Hairpinning for Clear text traffic is available from 7.2.2 onwards. so make sure you have you the required version

The commands suggested to you looks good , however you also need natting of source, therefore the entire set of commands is :-

nat (inside) 1 0 0

global (inside) 1 interface

static (inside,inside)

116
Views
4
Helpful
2
Replies