Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Cannot access server in one public subnet from user Natted to different subnet public address

Scenario, my server x.x.58.14 from one of the public subnet assigned by ISP cannot be accessed from DMZ guest wireless subnet (using GWC) which is natted to different public subnet (x.x.68.19). However the internet works fine and remaining services from same public pool works fine. We are missing something from the configuration part but the Arp entry for both the public IP entries for outside interface is same. ISP has also routed the 2nd public subnet using static route. I am not sure how appropriate question this looks, any suggestion is highly appreciated.

Thank you

Super Bronze

Cannot access server in one public subnet from user Natted to di


You dont mention the device you are using or its software level.

If I understood you correctly then you have 2 different public subnets on the WAN edge of your current device. And now some internal host is trying to access some other internal server through its public IP address?

If this is the case and you are using Cisco ASA or Cisco PIX for example then this usually isnt allowed by default unless you configure a NAT between the source and destination interface. Only having NAT configured between the internal and external interface of the firewall wont enable you to connect to the public IP address from behind the internal interface.

- Jouni

CreatePlease to create content