https://community.cisco.com/t5/network-security/nat-and-or-dns-problem/m-p/1709619#M560950 <HTML><HEAD></HEAD><BODY><P>Hi Johan,</P><P></P><P>Are the users also on the DMZ network and trying to access the server in the DMZ? Then you will need u turning. Here is how you do that:</P><P></P><P>static (dmz,dmz) <PUBLIC ip="" of="" server=""> <PRIVATE ip="" of="" the="" server=""></PRIVATE></PUBLIC></P><P>same-security-traffic intra interface</P><P></P><P>But if the users are on the inside interface and trying to access the server in DMZ, you don't need u-turning.</P><P></P><P>Hope this helps!</P><P></P><P>Regards,</P><P>Anu</P></BODY></HTML> Mon, 13 Jun 2011 07:12:57 GMT Anu M Chacko 2011-06-13T07:12:57Z https://community.cisco.com/t5/network-security/nat-and-or-dns-problem/m-p/1709618#M560948 <P>Hello</P><P></P><P>Got a case here where users are befind a firewall, the firewall have for short inside,outside and dmz interfaces. Users access a website that is localted on the dmz network. However, the webserver have an external ip adress that is nated into the dmz adress, Users are accessing the external ip adress and the external dns. </P><P></P><P>I´ll guess we have to do some NAT U turn in order to make this work, the flow is like this. inside -&gt; outside -&gt; dmz -&gt; inside</P><P></P><P>//Johan</P> Mon, 11 Mar 2019 20:44:11 GMT https://community.cisco.com/t5/network-security/nat-and-or-dns-problem/m-p/1709618#M560948 ruliffilur 2019-03-11T20:44:11Z https://community.cisco.com/t5/network-security/nat-and-or-dns-problem/m-p/1709619#M560950 <HTML><HEAD></HEAD><BODY><P>Hi Johan,</P><P></P><P>Are the users also on the DMZ network and trying to access the server in the DMZ? Then you will need u turning. Here is how you do that:</P><P></P><P>static (dmz,dmz) <PUBLIC ip="" of="" server=""> <PRIVATE ip="" of="" the="" server=""></PRIVATE></PUBLIC></P><P>same-security-traffic intra interface</P><P></P><P>But if the users are on the inside interface and trying to access the server in DMZ, you don't need u-turning.</P><P></P><P>Hope this helps!</P><P></P><P>Regards,</P><P>Anu</P></BODY></HTML> Mon, 13 Jun 2011 07:12:57 GMT https://community.cisco.com/t5/network-security/nat-and-or-dns-problem/m-p/1709619#M560950 Anu M Chacko 2011-06-13T07:12:57Z https://community.cisco.com/t5/network-security/nat-and-or-dns-problem/m-p/1709620#M560951 <HTML><HEAD></HEAD><BODY><P>Hello Anu</P><P></P><P>Sorry forgot to mention that, all users are on the inside interfance, I also should mention that its only the guest network that has these problems, our regular user networks can access the webserver without any problems at all. There might be a nat in the firewall for those but at this time iam not sure.</P><P></P><P>//Johan</P></BODY></HTML> Mon, 13 Jun 2011 07:19:18 GMT https://community.cisco.com/t5/network-security/nat-and-or-dns-problem/m-p/1709620#M560951 ruliffilur 2011-06-13T07:19:18Z https://community.cisco.com/t5/network-security/nat-and-or-dns-problem/m-p/1709621#M560954 <HTML><HEAD></HEAD><BODY><P>Hi Johan,</P><P></P><P>What version of ASA are you using? Could you post the output of "sh run" here? Please specify the public and private IP address of the server in DMZ.</P><P></P><P>Regards,</P><P>Anu</P></BODY></HTML> Mon, 13 Jun 2011 07:59:17 GMT https://community.cisco.com/t5/network-security/nat-and-or-dns-problem/m-p/1709621#M560954 Anu M Chacko 2011-06-13T07:59:17Z