Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

NAT question with sw 9.1

Hi, this is probably a simple NAT question but I can't find answer.

From my inside interface with security level 100, I can access servers on the dmz interface with security level 50.

But if I publish a server on the dmz interface to outside, i can no longer connect to it from inside.

I publish the server with the command:

object network server-name
host 10.50.50.10 (ex ip to server)

object network server-name
nat (any,any) static 216.22.34.46 (ex public ip)

I have an acl on the outside interface in and allow traffic to the server. It all works well from outside internet --> to the server on the dmz. But i do not have access from an inside host to the server.

I assume it have to do with the NAT command?

I'm using an asa 5512-x with sw 9.1

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

NAT question with sw 9.1

Hi Johan,

You are using "nat(any,any)", so dont use that as you know that the server that you are publishing is on dmz and you are publishing it for traffic from outside interface

Use this instead

object network server-name
host 10.50.50.10 (ex ip to server)

object network server-name
nat (dmz,outside) static 216.22.34.46 (ex public ip)

Try this i am sure this will make it work for both inside users as well as outside users.

Cheers,

Naveen

2 REPLIES
New Member

NAT question with sw 9.1

Hi Johan,

You are using "nat(any,any)", so dont use that as you know that the server that you are publishing is on dmz and you are publishing it for traffic from outside interface

Use this instead

object network server-name
host 10.50.50.10 (ex ip to server)

object network server-name
nat (dmz,outside) static 216.22.34.46 (ex public ip)

Try this i am sure this will make it work for both inside users as well as outside users.

Cheers,

Naveen

New Member

NAT question with sw 9.1

Thanks Naveen, it works

151
Views
0
Helpful
2
Replies