Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IPhone push and ASA

my exchange fo is in the DMZ 192.168.1.25 and it has an external ip of 209.X.X.X

I want my iphone users to be able to hit the external IP from inside my network. my asa /security kung fu is not strong

How can I let traffic from my inside int to the external ip ? at this time hairpinning is not allowed and I would only like to allow only that ip to be accessed internaly

The security levels for the ints are all different so the same-security-traffic permit intra-interface  command will not work

1 REPLY

Re: IPhone push and ASA

Hi,

Let's say you have this:

Inside network: 1.1.1.0/24

DMZ network: 2.2.2.0/24

Outside network 3.3.3.0/24

So, there's a NAT for the DMZ's server:

static (dmz,out) 3.3.3.10 2.2.2.10

In order for the Internal LAN to access the DMZ server using its public address, you do the following:

static (dmz,in) 3.3.3.10 2.2.2.10

Federico.

165
Views
0
Helpful
1
Replies
CreatePlease to create content