Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

PIX/ASA Access static nat from inside

Hi,

It seems that the PIX/ASA does not allow an inside host to hit an static nat such as below on the external public IP 111.222.3.4.

static (inside,outside) tcp 111.222.3.4 80 10.200.4.20 80 netmask 255.255.255.255

I know this is what internal DNS is for but this customer does not want to run internal DNS.

The PIX seems to have a similar issue when you ssh to it in that you cant ssh to the outside interface if your traffic originates from the inside.

Has anyone tripped over a solution to these issues.

Thanks in advance for any assistance.

Kent.

1 REPLY
New Member

Re: PIX/ASA Access static nat from inside

This doc explains all - except ssh to the asa external interface from the inside. Would appreciate any ideas on this.

"PIX/ASA: Perform DNS Doctoring with the static Command and Two NAT Interfaces Configuration Example"

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807968d1.shtml

Cheers

Kent.

429
Views
0
Helpful
1
Replies
CreatePlease to create content