Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How can I get LAN users to use "outside" IP's of ASA

Hi,

We have an ASA 5520 fireall with 20 public IP's which NAT'd to various web servers on the DMZ.

The thing is the internal LAN users can access them by typing in the internal IP of the server, but is it possible to treat the servers like an external company so if they type the public IP of FQDNS then it will be resolved?

Thanks

4 REPLIES
New Member

Re: How can I get LAN users to use "outside" IP's of ASA

The easiest way to do this is if you are running your own internal DNS that forwards outbound. Just add FQDN records pointing to you internal ips. When an internal user types hosta.domain.com it would resolve to the internal ip and route accordingly.

This would only work if you had internal DNS, but also had an external DNS server hosting your public resources.

Re: How can I get LAN users to use "outside" IP's of ASA

Green

Re: How can I get LAN users to use "outside" IP's of ASA

static (dmz,inside) netmask 255.255.255.255

New Member

Re: How can I get LAN users to use "outside" IP's of ASA

Is this a NAT from internal to external IP?

128
Views
0
Helpful
4
Replies
CreatePlease login to create content