Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
974
Views
0
Helpful
5
Replies

Two public external addresses need to talk to one another

Go to solution
Shawn Thomas
Level 1
Level 1

‎03-20-2013 01:54 PM - edited ‎03-11-2019 06:17 PM

I have two external address that need to talk to each other.

I know this does NOT require a VPN tunnel to do so and NAT is not needed either.

I need to enable access on the outside interface for a public ip>

(public IP that lives on my ASA <------------------------- > needs to talk to another public ip that lives on the outside of my network)

Any help or suggestions would be appreciated!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Julio Carvajal
VIP Alumni
VIP Alumni
In response to Shawn Thomas

‎03-20-2013 04:13 PM

Hello,

Then it should not reach the ASA at all as it's on the outside interface.

Internal subnet -----ASA----Outside subnet------Switch----ISP Modem-------------- Internet-----Other PC

                                                                      |

                                                                      |

                                                            Outside PC

Communication does not need to flow to the ASA if the ISP modem router or whatever device it's there has the right mac address assignment for Outside PC Ip address,

Clear enough? let me know

Regards

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Julio Carvajal
VIP Alumni
VIP Alumni

‎03-20-2013 03:45 PM

Hello Shawn,

So basically a user that is outside the ASA but on the same subnet than the ASA outside interface wants to communicate with a public address that is being used by an internal address via NAT, Rigth?

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

Go to solution
Shawn Thomas
Level 1
Level 1
In response to Julio Carvajal

‎03-20-2013 03:48 PM

Well Host B which is not on my network needs to talk to Host A which is on my network.

Both have public ip addresses.

0 Helpful

Go to solution
Julio Carvajal
VIP Alumni
VIP Alumni
In response to Shawn Thomas

‎03-20-2013 04:13 PM

Hello,

Then it should not reach the ASA at all as it's on the outside interface.

Internal subnet -----ASA----Outside subnet------Switch----ISP Modem-------------- Internet-----Other PC

                                                                      |

                                                                      |

                                                            Outside PC

Communication does not need to flow to the ASA if the ISP modem router or whatever device it's there has the right mac address assignment for Outside PC Ip address,

Clear enough? let me know

Regards

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

Go to solution
Shawn Thomas
Level 1
Level 1
In response to Julio Carvajal

‎04-01-2013 09:52 AM

Figured it out... I added both external ips via an permit acl to the outside interface.

Thanks for replying.

0 Helpful

Go to solution
Julio Carvajal
VIP Alumni
VIP Alumni
In response to Shawn Thomas

‎04-01-2013 10:14 AM

Hello,

Sure, my pleasure,

Please mark the question as answered so future users can learn from this

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card