Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Client behind asa cannot access to hosted domain.

Dear Supporter,

I need you help me to solve this issue. I have a web-server in my office, I want to access to my web server from outside via domain name, so I have registered with Godady by convert my public ip to www.domain-name.com, after that I can access my web-server from outside via www.domain-name.com, but unluckily I and all client inside my office cannot access to my web-server via www.domain-name.com. I thinks that the problem is on asa, so try to fix by googling and other documents, but did not solve my problem. So can you please help me on this?

Please check diagram as in attachment file.

Thank in advance and Best regard,

 

  • Firewalling
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Hi,Thank you for sharing the

Hi,

Thank you for sharing the configuration.

This should be the required configuration:-

object network web-server-https-1
 host 10.10.17.2

nat (inside,inside) source dynamic any interface destination static interface web-server-https-1

Try this and let me know if this works

Thanks and Regards,

Vibhor Amrodia

 

3 REPLIES
Cisco Employee

Hi,It should be a simple U

Hi,

It should be a simple U Turn NAT on the ASA device to redirect the traffic for the domain Name back inside to the Web Server. At this moment the request from the clients are trying to go to the Public IP of the server which will not work without the NAT statement in place.

Which version are you using ?

Thanks and Regards,

Vibhor Amrodia

 

New Member

Dear Mr.,Thanks you for your

Dear Mr.,

Thanks you for your reply. Currently I used Ciscco ASA 5512-X version 9.1 firmware. This is  NAT which I using in ASA:

object network web-server-https
 host 10.10.17.2

access-list outside_acl_in extended permit tcp any host 10.10.17.2 eq https

object network web-server-https
 nat (inside,outside) static interface service tcp https https

If possible can you give a sample configuration or documents to fix this issue?

Thanks in advance and Best regard,

Cisco Employee

Hi,Thank you for sharing the

Hi,

Thank you for sharing the configuration.

This should be the required configuration:-

object network web-server-https-1
 host 10.10.17.2

nat (inside,inside) source dynamic any interface destination static interface web-server-https-1

Try this and let me know if this works

Thanks and Regards,

Vibhor Amrodia

 

39
Views
0
Helpful
3
Replies
This widget could not be displayed.