Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

Mapping of public IP to private IP


     I have some issues with respect to the translating of the public IP address of our webserver for ASA 5510 ver 8.0.  The public IP address of our appserver is and it is mapped to a dmz address of  Now the problem here is I can't access the appserver couldn't be accessed both from the LAN and the outside.  I believe that normally the outside couldn't pass through the dmz since it is going from a lower security level to a higher one and yet why couldn't I access the dmz zone from the Local Area Network?  (See attached network diagram)

     I have issued already a static command: static (dmz,outside) netmask  I have also created an access-list in which it could permit traffic from the outside interface into the dmz interface.  Now, one of the problems that I see is this... our ISP have issued us another range of public IP address that we can use and one of it is issued on the outside interface of ASA:  Will this be one of the possible reasons in which the we couldn't access the appserver from the outside interface?

     What configuration did I miss? Can you help me on this?


Hall of Fame Super Blue

Re: Mapping of public IP to private IP

Your static is the wrong way round ie. you have -

static (dmz,outside) netmask

it should be

static (dmz,outside) netmask

you need to allow access in the acl to the public address of


CreatePlease to create content