Cisco Community
English
Register
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

421
Views
3
Helpful
7
Replies
mohamed sebaey
Beginner
Beginner
‎08-09-2015 11:01 PM
‎08-09-2015 11:01 PM

Allow traffic between public and private ip

hi

 

i have Cisco ASA 5510 , i have one server published to internet with IP 9.9.9.9 which natted to private ip 10.0.0.1 " server private ip" . I  need to open communication by  enable " ping ,and https 'from public IP address 9.9.9.9 to my private ip " 10.0.0.50" where  10.0.0.50 is user ip and it behind  proxy for internet access , so i need to communicate with 9.9.9.9 using my private ip 10.0.0.50.

 

note : 10.0.0.50 uses proxy to access internet , and its public ip  is 9.9.9.3 .

 

 

thanks

 

Labels:
0 Helpful
7 REPLIES 7
shijomon scaria
Beginner
Beginner
‎08-10-2015 12:19 AM
‎08-10-2015 12:19 AM

Hi,

 

Below is what I understand, correct me if I am wrong.

You have a server with private IP 10.0.0.1 which is published to internet with ip 9.9.9.9

You want to access the services from the published server using public IP from IP 10.0.0.50 and has internet access through a proxy server.

 

Question. - Are these IPs 10.0.0.1 and 10.0.0.50 shares the same internet link ? Or the proxy server has a different internet link ??

 

Regards,

Shijo.

 

0 Helpful
mohamed sebaey
Beginner
Beginner
In response to shijomon scaria
‎08-10-2015 10:36 PM
‎08-10-2015 10:36 PM

Hello

 

Yes , that is my goal . I need to access 9.9.9.9 by my ip lan ip 10.0.0.50 . For your question , u are correct they share same internet ISP . 

0 Helpful
shijomon scaria
Beginner
Beginner
In response to mohamed sebaey
‎08-11-2015 12:14 AM
‎08-11-2015 12:14 AM

Hi,

OK, so NAT Loop back is your option.

Do the below.

static (inside,inside) 9.9.9.9 10.0.0.1 netmask 255.255.255.0

This will make the public IP available in LAN also.

I assume that there must be 'static (inside,outside)' statement and an ACL permitting traffic on the public IP on required ports from outside.

 

Rate if you find this helpful

Regards,

Shijo.

mohamed sebaey
Beginner
Beginner
In response to shijomon scaria
‎08-11-2015 05:57 AM
‎08-11-2015 05:57 AM

thanks  for your help ,, but i tested that already before without no luck. Could u share with me any other ideas?.

 

 

 

0 Helpful
shijomon scaria
Beginner
Beginner
In response to mohamed sebaey
‎08-11-2015 06:07 AM
‎08-11-2015 06:07 AM

Hi,

It should work, I have the same scenario. Please share your configuration.

Regards,

Shijo.

0 Helpful
mohamed sebaey
Beginner
Beginner
In response to shijomon scaria
‎08-11-2015 09:46 AM
‎08-11-2015 09:46 AM

Ok i will share , is there any ACL required?.

 

thanks

 

0 Helpful
shijomon scaria
Beginner
Beginner
In response to mohamed sebaey
‎08-12-2015 04:51 AM
‎08-12-2015 04:51 AM

Hi,

 

Do you have an ACL configured to allow traffic from outside to inside on the required ports, applied on outside interface in 'in' direction ??

 

Regards,

Shijo.

0 Helpful
Latest Contents
Email Security - QuoVadis Root Certificate Decommission Migh...
Created by dmccabej on 03-30-2021 09:32 AM
0
0
0
0
Problem Description For all versions of the Email Security Appliance (ESA) and Security Management Appliance (SMA), some Secure Sockets Link (SSL) certificates issued from the QuoVadis root certificate authority (CA) trust chain before 2021-03-31 cannot b... view more
ISE REST APIs Webinar: April 6/7, 2021
Created by thomas on 03-25-2021 07:57 PM
1
5
1
5
  Register Now Automation and programmability for networking and security are increasingly important topics. Every release since ISE 1.2 has included new REST API capabilities to better automate and integrate ISE with the rest of your network, appli... view more
FMT 2.3.4 adding ASA migrations of S2S VPN in public beta
Created by William_Hansch on 03-22-2021 08:00 AM
1
10
1
10
The latest iteration (v2.3.4) of the Cisco Secure Firewall Migration Tool adds public beta support for S2S VPN migrations from ASA: Policy-based (crypto map) Pre-Shared key authentication type VPN configuration to Firepower Management Center VP... view more
What's New for Cisco Defense Orchestrator (CDO)
Created by Andrew Mallio on 03-22-2021 04:40 AM
1
40
1
40
Cisco Defense Orchestrator (CDO) is a cloud-based, multi-device manager that manages security products like Adaptive Security Appliance (ASA), Firepower Threat Defense next-generation firewall, and Meraki devices, to name a few.  We make improvement... view more
ISE Data limiting best practices
Created by Jonathan Casillas on 03-18-2021 04:34 PM
0
5
0
5
Intro This document presents the ISE data limiting best practices that can dramatically improve the system performance on ISE. Symptoms Your deployment may be impacted if the alarms tab on ISE shows High load average, high CPU or high memoy usage alarm... view more
Content for Community-Ad