We have some wireless devices our warehouse use on our wireless network there (VLAN on our internal Corp LAN) or via GPRS, GPRS works fine as the custom built software points to an external IP (172.26.1.2) that points to our ASA 5520 and NAT's to an internal IP or a server (IIS web server).
I been asked if it's possible for the wireless internal network to also use this external IP? So if the device is on the corperate wireless network and wants to get to this external IP then it doesn't go outbound and back in again, but merely NAT's/routers to the internal address?
So what you want to do is to hairpin the traffic on the inside of the ASA. Inside people will use external ip and hit the inside and the ASA will need to untranslate to the local inside ip and send it back inside.
Well this can be done, but it might have some complications.
You can have the ASA do
static (inside,inside) external_ip internal_ip.
But what is going to happen to the return traffic. When the internal ip responds, is the return traffic going to hit the ASA. If yes, then this could work.
If not then there might be asymmetric routing and you would need state bypass on the ASA so it won't drop packets because they do not follow the state information that it sees for that conn.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :