Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Possible to access own external IP's?

When using a PIX 506 is there a way to allow the internal network to access the external IP range associated with the outside interface?

For example:

Web Server: 206.29.137.58

PIX e0: 206.29.137.57

PIX e1: 10.0.0.1

PC: 10.0.0.10

Is there a way to allow the PC to access the Web server using the external IP?

3 REPLIES
New Member

Re: Possible to access own external IP's?

Hi,

Yes we can do that and the process used is referred to as "DNS Doctoring".

Here is how we can do it:

Create a static translation for the web server like this:

static(inside,outside) 206.29.137.58 dns

Here dns is a keyword.

Also, on the outside interface we should have an access-list which should allow access to this ip:

access-list 101 permit ip any host 206.29.137.58

access-group 101 in interface outside

I hope it helps.

Thanks

Ashu

New Member

Re: Possible to access own external IP's?

Thank you for the reply.

Does this mean that I would only be able to use DNS names to access the resources assigned to the external IP's? Or will I be able to use the direct IP address instead of a name?

Thanks,

Jason

Green

Re: Possible to access own external IP's?

Not sure you would want to allow ip from any to your webserver as previously stated but try this document it may help you...

http://cisco.com/en/US/products/ps6120/products_configuration_example09186a00807968d1.shtml

108
Views
0
Helpful
3
Replies