Hi,
I have a scenario where i need to enable nat reflection or understand how I can make this work on a ASA 55x5-x for a specific design of telepresence equipment.
There is a equipment that sets inside the network, and its peer (or slave) that sits on the dmz to handle outside connections.
Basically i have to setup up a nat reflection scenario so that the inside appliance only registers to the dmz device using its public natted address and not the dmz address. I have tried to configure this using "same-security-traffic permit intra-interface", static nat for the outside interface which in turn performs an identity nat for the public addresses...
In turn I would like to hairpin this traffic on the outside interface and have it hit the dmz when sourced from the inside and vice versa.
Is this possbile on the 8.6 code? For anyone interested here is a link to the guide that explains this behavior:
http://www.cisco.com/en/US/docs/telepresence/infrastructure/vcs/config_guide/Cisco_VCS_Basic_Configuration_Control_with_Expressway_Deployment_Guide_X7-2.pdf (page 64)
Thanks,
Tarik Admani
*Please rate helpful posts*