08-14-2017 04:48 PM - edited 03-12-2019 02:49 AM
Greetings,
I recently implemented a static NAT from an inside address (NLBip) to an outside static public address. The server(s) are working as designed and the site is accessible via HTTP/S externally. There two servers behind the NLB address, they're setup in a active/backup configuration and in the same subnet as the NLB address. However, I'm able to hit the NLB address internally, also over VPN when not in the office, unless I remove the outside NAT statement.
I also setup a packet capture, from my VPN address to the NLB address, and no packets increment and that was with and without the static NAT.
Would this be something a twice NAT or identity NAT could fix?
NAT config: nat (NLBint,Outside) source static obj-sourceNLBip obj-destPUB
Thanks in advance.
08-15-2017 05:41 AM
When connected to the vpn:
1- Do you try to access the server using the external [public address] or the internal one?
2- Do you access the server via name or ip address?
Moh,
08-15-2017 07:40 AM
1- Do you try to access the server using the external [public address] or the internal one? [ah-the internal address, both of the addresses (VPN and server address) live on the same ASA]
2- Do you access the server via name or ip address? [ah-Ip address]
-Andrew
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide