I'm struggling with the following issue for days and would very much appreciate your help:
I have a ASA5505 that does NAT for inside hosts for internet access and also forwards some ports from the external interface to an inside host server (tcp 25, 80, 143, etc). I need my inside hosts to be able to access the inside server via its external DNS name (mail.example.com), so we can have a single configuration in our e-mail clients (smtp server: mail.company.com) that would work both from the Outside (Internet) and the internal LAN.
The ASA however discards the packets, packet-tracer shows the following:
Result: input-interface: Company_LAN input-status: up input-line-status: up output-interface: NP Identity Ifc output-status: up output-line-status: up Action: drop Drop-reason: (acl-drop) Flow is denied by configured rule
There is no internal DNS Server at the moment, clients are configured to access DNS servers provided by the ISP. I have found some documentation on "NAT Hairpinning", is this a solution applicable to ASA software version 8.4(2)? If so, can you please provide one example command?
Edit: perhaps a static nat to redirect any requests from inside hosts for the ASA's external IP 82.79.xx.xx to internal 192.168.9.2 server?
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...