Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
721
Views
0
Helpful
2
Replies

Cross interface traffic ASA5505

Mark^
Level 4
Level 4

‎03-12-2012 08:10 AM - edited ‎03-11-2019 03:41 PM

My brain is not workomg this morning.

I have an ASA-5505, interfaces as follows -

Outisde interface:

  • WAN/Internet
  • Security Level 0
  • vlan3

Inside interface:

  • 10.10.10.0/24
  • Security Level 100
  • vlan1

Guest Wi-Fi interface:

  • 192.168.168.0/24
  • Security Level 90
  • vlan 23

I have an Exchange server on the 10.10.10.0 network.  I need to be able to allow ActiveSync and OWA from the Guest WiFi through to the Exchange server on the 10.10.10.0 network.  The Guest Wi-Fi uses external DNS so traffic is going out to the Internet and getting an IP address which is of course assigned to the Outside interface abd trying to come back in on that interface.

How do I make this do what I need?  How do I setup the rules to allow this traffic?

Thanks!

Mark
Labels:
0 Helpful
2 Replies 2

andrew.prince
Level 11
Level 11

‎03-12-2012 08:42 AM

You need to:-

1) Allow the traffic from the Guest-WIFI interface to the Inside interface via and ACL

2) Configure the nat-exemption for this traffic flow

HTH>

0 Helpful

Mark^
Level 4
Level 4
In response to andrew.prince

‎03-12-2012 11:48 AM

I think what's got me here is the nat-exemption.  Do I want static NAT?  Something like:

      nat (WiFi,inside) 4 source static any any destination static obj-10.10.10.209 obj-10.10.10.209

Mark
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card