Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

Unable to browse by IP if destination NAT is used

Hi,

I am using an ASA between our organisation and another. This link is used for many things, including http. If I browse to the actual IP of the server I have no problem - http://20.1.1.20, however if I configure destination NAT, so the web server is presented as a differnet IP to us, it no longer works - http://10.10.10.10. I noticed that the host field in the http request remains as the actual IP I browsed to - 10.10.10.10. Is this the correct behaviour. Should the ASA NAT this? I don't have a problem if I browse by name.

PC-------(in)ASA(out)----------Web-Server

PC = 10.1.1.1

Web-Server = 20.1.1.20

static(out, in) 10.10.10.10 20.1.1.20

Thanks.

Everyone's tags (1)
2 REPLIES

Re: Unable to browse by IP if destination NAT is used

Hi Phil,

After doing the destination NAT:

static(out, in) 10.10.10.10 20.1.1.20

Can you PING 10.10.10.10 from the PC?

What does a Packet-Tracer show us?

Federico.

New Member

Re: Unable to browse by IP if destination NAT is used

The issue is with the other organisation. They are dropping/ignoring packets with a HTTP Host field that they don't expect ie of the new IP I"m using. If I use the name it's fine.

I am simply asking whether it's normal to not NAT the HTTP Host field. I'm pretty sure it is, but wanted to double check.

327
Views
0
Helpful
2
Replies
CreatePlease to create content