cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


186
Views
0
Helpful
2
Replies
Beginner

NAT question with sw 9.1

Hi, this is probably a simple NAT question but I can't find answer.

From my inside interface with security level 100, I can access servers on the dmz interface with security level 50.

But if I publish a server on the dmz interface to outside, i can no longer connect to it from inside.

I publish the server with the command:

object network server-name
host 10.50.50.10 (ex ip to server)

object network server-name
nat (any,any) static 216.22.34.46 (ex public ip)

I have an acl on the outside interface in and allow traffic to the server. It all works well from outside internet --> to the server on the dmz. But i do not have access from an inside host to the server.

I assume it have to do with the NAT command?

I'm using an asa 5512-x with sw 9.1

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Beginner

NAT question with sw 9.1

Hi Johan,

You are using "nat(any,any)", so dont use that as you know that the server that you are publishing is on dmz and you are publishing it for traffic from outside interface

Use this instead

object network server-name
host 10.50.50.10 (ex ip to server)

object network server-name
nat (dmz,outside) static 216.22.34.46 (ex public ip)

Try this i am sure this will make it work for both inside users as well as outside users.

Cheers,

Naveen

View solution in original post

2 REPLIES 2
Highlighted
Beginner

NAT question with sw 9.1

Hi Johan,

You are using "nat(any,any)", so dont use that as you know that the server that you are publishing is on dmz and you are publishing it for traffic from outside interface

Use this instead

object network server-name
host 10.50.50.10 (ex ip to server)

object network server-name
nat (dmz,outside) static 216.22.34.46 (ex public ip)

Try this i am sure this will make it work for both inside users as well as outside users.

Cheers,

Naveen

View solution in original post

Beginner

NAT question with sw 9.1

Thanks Naveen, it works

CreatePlease to create content
Content for Community-Ad
FusionCharts will render here