Traffic goes from ASA & comeback on same problem

vinodk_gupta · ‎04-03-2012

Hi,

My internet link is connected on Internet Router & below downwards Cisco ASA 5520 is connected.ASA is connected with core switch cisco 4510 on downwards.

our webbased mail url owa.test.com is hosted outside.

Lets suppose ISP pool is 4.4.4.0/28.suppose owa server is Static natted on ASA with 4.4.4.4. my machine traffic is going to internet with same ISP with the help of PAT on Cisco ASA & internet is working on my machine. if i want to access owa.test.com or ip base for mail access, its not working & also it is not pinging. i suppose to ASA is blocking for returning traffic.

is there any way to traffic will go via same Firewal & comeback on same firewall port?

Please help us how to resolve it.

Thanks

Vinod Kumar Gupta

9810966625

Jouni Forss · ‎04-04-2012

Hi,

What I understand from your post the situation is the following

You have a mail server on your inside network
Its NATed to a public IP from your ISP
The public IP has DNS name of owa.test.com associated with it
You are connecting to the mail server from your inside network with the DNS name?

If this is the case can you please provide me with the following information

the "static" command for the mail server (you can leave out the actual IPs if needed)
Is the DNS server you local computer uses located in the Internet or your local network?

I think you will need the ASA to handle the DNS replies that are coming from a DNS server from the outside network

This would require that you have a "dns" parameter in your "static" nat command for the mail server.

For example likes this (presuming you are running software 8.2 or earlier):

static (inside,outside) 4.4.4.4 x.x.x.x netmask 255.255.255.255 dns

If you are running 8.3 or newe software the same would be

object network MAIL-SERVER

host x.x.x.x

nat (inside,outside) static 4.4.4.4 dns

Hope this helps.

Please rate if it was any of any help

- Jouni