Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
397
Views
0
Helpful
3
Replies

Accessing webserver in DMZ from Inside via DHCPed outside address

Alex
Level 1
Level 1

‎05-15-2015 12:05 AM - edited ‎03-11-2019 10:56 PM

So i want to access a webserver in DMZ from Inside by both its internal and Outside public IP (assigned via DHCP) without using DNS doctoring. Can access it via internal no problem and found few articles that cover hairpining but they usually cover it from the same interface or with a static public IP

Labels:
0 Helpful
3 Replies 3

Alex
Level 1
Level 1

‎05-15-2015 12:49 AM

Oh and it's on ASA 9.2

0 Helpful

Vibhor Amrodia
Cisco Employee
Cisco Employee
In response to Alex

‎05-15-2015 07:40 AM

Hi,

Let's assume this:-

LAN:- 1.1.1.0/24

DMZ server:- 2.2.2.2

Outside interface:- x.x.x.x

object network LAN

subnet 1.1.1.0 255.255.255.0

nat (inside,dmz) source dynamic  LAN interface destination static x.x.x.x 2.2.2.2

object network obj-DMZsrv

host 2.2.2.2

nat (dmz,outside) static interface service tcp 443 443

This has to be static PAT as you can only forward specific ports using the interface IP.

Thanks and Regards,

Vibhor Amrodia

0 Helpful

Alex
Level 1
Level 1
In response to Vibhor Amrodia

‎05-15-2015 04:10 PM

"Outside interface:- x.x.x.x"

What if the outside is a DHCP client? And doesn't get a static IP?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card