Cisco Support Community
New Member

DNS rewrite and overloaded NAT

We have a PIX515. On the inside is a mail server and clients. We have a dynamic NAT to the outside address overloaded by a static on port 25 for inbound mail. On the DMZ is a Web server that has a dynamic NAT to the same outside address plus overloaded static on port 443.

Access from inside to the DMZ is NAT exempt.

I am trying to set DNS rewrite (I assume on the inside/outside dynamic NAT) so that accesses to the DMZ web server from the inside can be made using the external address. But this appears not to work.

Is this because of the multiple overloads, or is there an issue to do with the NAT order, or is it the fact that inside/DMZ traffic is not NATed?

Should I use outbound translates for inside/dmz traffic?

Cisco Employee

Re: DNS rewrite and overloaded NAT

DNS rewrite is not supported with static PAT.

New Member

Re: DNS rewrite and overloaded NAT

To access your web server in the DMZ from the inside using the server's public IP, configure:

static (dmz,inside) tcp y.y.y.y 443 x.x.x.x 443

where y.y.y.y is the public IP of the web server and x.x.x.x is its private IP. This is an alternative to DNS doctoring for your case.
