03-27-2019 11:35 PM
Hi everyone,
On Asa i configured 4 interfaces .
Inside1 - 172.16.2.0/24 security level 100
Inside2 - 172.16.3.0/24 security level 100
Dmz - 10.10.10.0 security level 50
Outside - 100.100.100.2/29 security level 0
In inside2 i have a host wih ip 172.16.3.2/24 and in dmz i have server 10.10.10.100/24. Everything is natted to outside and there is static nat to dmz server on port 23 from outside.everythink is ok.The problem is im not able to connect to dmz server with public ip (telnet 100.100.100.2 23) from inside2 host 172.16.3.2/24. I tried to configure no-nat but no success,packet tracer shows drop with no route error.Any helps appreciated.
Solved! Go to Solution.
03-27-2019 11:59 PM
Hi,
You need NET hairpin to get this solution. I am sharing a configuration which will help you:
object network Inside-all
subnet 172.16.2.0 255.255.255.0
subnet 172.16.3.0 255.255.255.0
!
object network obj-Server-Hairpin
host 10.10.10.100
!
object network obj-100.100.100.2
host 100.100.100.2
!
nat (inside,DMZ) source static Inside-all interface destination static
obj-100.100.100.2 obj-Server-Hairpin
Regards,
Deepak Kumar
03-27-2019 11:59 PM
Hi,
You need NET hairpin to get this solution. I am sharing a configuration which will help you:
object network Inside-all
subnet 172.16.2.0 255.255.255.0
subnet 172.16.3.0 255.255.255.0
!
object network obj-Server-Hairpin
host 10.10.10.100
!
object network obj-100.100.100.2
host 100.100.100.2
!
nat (inside,DMZ) source static Inside-all interface destination static
obj-100.100.100.2 obj-Server-Hairpin
Regards,
Deepak Kumar
03-28-2019 04:40 AM
thanks for your answer,why should i create object for wan ip ? i used interface not worked but with ip it worked.What about dynamic wan ip ? what should i do ?
03-28-2019 04:49 AM
Hi,
Really I never tried with a dynamic IP address.
Regards,
Deepak Kumar
03-28-2019 12:26 PM
Anyone else has an idea about dynamic wan ip hairpin ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide