Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Hairpinning

I have a Linux server inside the firewall. Just purchased and installed ASA5505 bundle with Smartnet.

The Linux server sends backup result messages to our Exchange server. It does this by accessing an external port/IP address. This no longer works since upgrading to ASA5505. I have searched every mutt, sendmail, etc that I can on the Linux box. Any advise would be greatly appreciated.

Thanks.

6 REPLIES

Re: Hairpinning

You need to add another static in your ASA. Here's a link for reference. If you still have questions, let us know.

http://blogs.interfacett.com/mike-storm/2006/6/29/bidirectional-nat-on-a-cisco-pix-or-asa.html

HTH and please rate.

New Member

Re: Hairpinning

Thanks very much for the link.

I have passed this on, as this is starting to get outside of my realm.

Regards,

Brian

Hall of Fame Super Silver

Re: Hairpinning

Brian

I can not tell from your post whether you have configured the ASA to permit it to forward traffic back out the same interface on which it was received. By default the ASA does not do this. To configure it you would use this command:

same-security-traffic permit intra-interface

HTH

Rick

Green

Re: Hairpinning

This should do it. It may look slightly different depending upon your current configuration.

same-security-traffic permit intra-interface

global (inside) 1 interface

nat (inside) 1 0 0

static (inside,inside) netmask 255.255.255.255

New Member

Re: Hairpinning

Thanks very much for the reply.

We will be testing this over the next day or so.

Regards,

Brian

New Member

Re: Hairpinning

Thanks Rick.

I will be looking into all of this in the next day or so.

Regards,

Brian

163
Views
0
Helpful
6
Replies
CreatePlease to create content