I have a webserver on a DMZ. The webserver should be accessed from the public internet as well as from internal networks.
They access the server with http://www.url.com, and both internal and external users get the same IP from the DNS servers. Let's say: 85.119.1.10
I would like to add a NAT rule that does something like this:
From source inside 192.168.1.10 to destination 85.119.1.10 translate to source 192.168.1.10 destination: 172.16.1.10
For the reply from the webserver to the inside clients, I would like to add a rule that does NOT translate the source address. So something like this:
source: 172.16.1.10 to destination: 192.168.1.10 translate to source 172.16.1.10 to destination 192.168.1.10
Please see the attached drawing for a better understanding.
Whenever I try this, ASDM adds the same type of translation in both directions. I have done these NAT rules in a Checkpoint firewall but never in ASA. Is this possible? Can anyone assist?
Thanks.