Re: Help with DMZ access from inside with outside address transl
I have DNS re-write enabled, but doesn't it only effect DNS replies coming back from the outside interface? So if I have an inside user using a DNS server on the outside, it re-writes the reply when it comes back through the firewall.
What about a DNS reply that comes from an inside DNS server, but points to an address on my outside network? How can I have that re-written? The DNS reply never goes through the firewall. So ineffect I need an internal address to connect to a device on my external network.
Here is my client 10.5.5.20/24
Here is my server's mapped address 22.214.171.124/24
I need my inside client to be able to connect to that server that is in the DMZ with a real address of 10.4.29.3 and a mapped address on the outside of 126.96.36.199/24.
The firewall is dropping this packet because it will not allow packet redirection on the same interface correct?
So in the case of a inside client trying to reach a mapped outside address, how do you facilitate this?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...