DNS rewrite and overloaded NAT

alan.morris
Level 1

We have a PIX515. On the inside is a mail server and clients. We have a dynamic NAT to the outside address overloaded by a static on port 25 for inbound mail. On the DMZ is a Web server that has a dynamic NAT to the same outside address plus overloaded static on port 443.

Access from inside to the DMZ is NAT exempt.

I am trying to set DNS rewrite (I assume on the inside/outside dynamic NAT) so that accesses to the DMZ web server from the inside can be made using the external address. But this appears not to work.

Is this because of the multiple overloads, or is there an issue to do with the NAT order, or is it the fact that inside/DMZ traffic is not NATed?

Should I use outbound translates for inside/dmz traffic?

2 Replies

Kureli Sankar
Cisco Employee

DNS rewrite is not supported with static PAT.

Tanveer Deewan
Cisco Employee

To access your webserver in the DMZ from Inside using the server's public IP, configure:

static (dmz,inside) tcp y.y.y.y 443 x.x.x.x 443

where y.y.y.y is the public IP of the webserver and x.x.x.x is its private IP. This is an alternative to DNS doctoring for your case.
