Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1475
Views
10
Helpful
2
Replies

Cisco ASA - Guest WIFI - exchange server connectivity

Go to solution
LovejitSingh1313
Level 1
Level 1

‎10-19-2020 11:05 AM

Hello Guys @balaji.bandi  @Rob Ingram  

 

I have separate interface with separate subnet for Guest WIFI and it only has internet access. Guest WIFI is using Public DNS servers.  It is resolving to the Public IP which is mapped to internal IP of Exchange. 

 

Right now it is not working? Please advice how to make it working?

 

Thanks,

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marius Gunnerud
VIP
VIP

‎10-19-2020 12:13 PM

So, Your exchange server is being NATed to a public IP and the Guest WIFI is not able to access the server since they are being resolved to the public IP?

If this is the case, then you have two options to solve this.

1. configure a twice nat statement on the ASA that translates the destination public IP of the Exchange server to the private IP of the server for the Guest WIFI network.

example (change interface names and IP addresses as needed)

object network Exch-real-IP

 host 10.10.10.2

object network Exch-public-IP

 host 1.1.1.2

object network GuestWIFI

 subnet 20.20.20.0 255.255.255.0

nat (GuestWIFI,DMZ) source static GuestWIFI GuestWIFI destination static Exch-real-IP Exch-public-IP

2. Add the DNS key word to the end of the existing NAT statment for the Exchange server.  in this case you will also need to add an access rule allowing the Guest WIFI access to the private IP of the exchange server.

--
Please remember to select a correct answer and rate helpful posts

View solution in original post

2 Replies 2

Go to solution
Rob Ingram
VIP
VIP

‎10-19-2020 11:11 AM

Please provide the configuration and the output of “show Nat detail” 

Run packet-tracer from the CLI and provide the output

Go to solution
Marius Gunnerud
VIP
VIP

‎10-19-2020 12:13 PM

So, Your exchange server is being NATed to a public IP and the Guest WIFI is not able to access the server since they are being resolved to the public IP?

If this is the case, then you have two options to solve this.

1. configure a twice nat statement on the ASA that translates the destination public IP of the Exchange server to the private IP of the server for the Guest WIFI network.

example (change interface names and IP addresses as needed)

object network Exch-real-IP

 host 10.10.10.2

object network Exch-public-IP

 host 1.1.1.2

object network GuestWIFI

 subnet 20.20.20.0 255.255.255.0

nat (GuestWIFI,DMZ) source static GuestWIFI GuestWIFI destination static Exch-real-IP Exch-public-IP

2. Add the DNS key word to the end of the existing NAT statment for the Exchange server.  in this case you will also need to add an access rule allowing the Guest WIFI access to the private IP of the exchange server.

--
Please remember to select a correct answer and rate helpful posts
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card