Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
770
Views
0
Helpful
1
Replies

Access to public IP address from Inside

markus.albisser1
Level 1
Level 1

‎05-23-2012 12:28 AM - edited ‎03-11-2019 04:10 PM

Hi all

I need to connect from an inside host to a host located in the DMZ zone for DNS queries. The host in the DMZ zone has a static NAT to the outside. The point now is that I would like to connect from inside to the NATed outside address, means to the public Internet address.

Inside host: 10.0.0.1 -> PAT for 10.0.0.0/8 to 20.0.0.254 (Outside Interface)

DMZ host: 192.168.1.1 -> NAT to outside to 20.0.0.1

The traffic should be 10.0.0.1 udp>1024 to 20.0.0.1 udp=53. The source IP address on the outside interface now is 20.0.0.254 (according to the PAT), the destination IP address 20.0.0.1. The DNS reply from 20.0.0.1 should go back now to 20.0.0.254 and then to the inside host 10.0.0.1.

I know that on the PIX it was not possible, to have outgoing traffic on the outside interface which immediately enters again the same interface. Can I realize this scenario with the ASA 8.4(3) release now?

Thank you

Markus

1 person had this problem
Labels:
0 Helpful
1 Reply 1

markus.albisser1
Level 1
Level 1

‎06-01-2012 04:39 AM

Hi all

does anybody has an idea about this topic?

Thank you

Markus

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card