From what I understand of your issue is that you want to access internal resource by their public IPs, and the internal DNS servers you are using for resolution is translating to the internal IP and not the public IP?
-- Please remember to select a correct answer and rate helpful posts
Sort of, not quite. I utilize split dns only for exchange. All other publicly natted hosts are on external records.
My issue is only when users are connected to the vpn. Otherwise all services lookup normally.
While connected, if a user were to take any natted resource and access it by its public ip (22.214.171.124:8443) it is blocked.
If they access via the private ip (10.1.1.1:8443) it is accessible.
I assume this to be a hairpinning issue. Also keep in mind the asa is only used to terminate the vpn. It is not the primary firewall, etc.
This situation is unique in that it only shows up for vpn users. I assume this is because they are subject to the asa nat rules at this point. I am not as familiar with setting those rules, which is my issue.
Cisco Champion Radio · S7|E37 Business Resiliency for your Workforce and Workplace
Today, organizations are facing changes so large, so fast, and so many—seeing acceleration of already established trends as well as unprecedented disruption—that’s making ...
Hello,i have a N5k-k5548up-af and i have a acl for trusted network which is attached to line vty and to my uplinks interface, and i have around 250 interface vlan and my interface vlans can reach bgp port or snmp port, is there nayway that tune copp to pe...
This event had place on Tuesday 22nd, Septemberat 10hrs PDT
Omar Santos is an active member of the cyber security community, where he leads several industry-wide initiatives and standards bodies. His active role help...
Cisco Defense Orchestrator (CDO) is a cloud-based, multi-device manager that manages security products like Adaptive Security Appliance (ASA), Firepower Threat Defense next-generation firewall, and Meraki devices, to name a few.
We make improvement...
There has been a lot of grey area when one needs to get started with ISE or when one does not have any specific background.Could you please guide me to what are the thing that one needs to know inside out and what are the things which require only a minim...