how connect from INSIDE to web server on DMZ with public IP

mubarak.mammadov · ‎09-12-2012

Hi all,

I hava ASA5510. INSIDE,DMZ and OUTSIDE interfaces are configured. I hava web server on DMZ ip:10.0.0.1 and it is static natted to 1.1.1.1.

From internet i can reach to web server with IP:1.1.1.1 and from INSIDE connect to web server with IP:10.0.0.1.

Now i want to connect from INSIDE to WEB server via public IP(1.1.1.1).how can configure it?

varrao · ‎09-12-2012

If you are using any software version prior to 8.3, you would need this;

static (dmz,inside) 1.1.1.1 10.0.0.1

Hope that helps.

It would be better if you can let me know the code as well as share your current config.

Thanks,
Varun Rao
Security Team,
Cisco TAC

Thanks,
Varun Rao

mubarak.mammadov · ‎09-17-2012

Hi Varun,

i test with

static (dmz,inside) 1.1.1.1 10.0.0.1 . but same result. I even test with alias command.

alias (DMZ) 1.1.1.1 10.0.0.1 ,same.from inside network cant reach to 1.1.1.1.when i debug nat.from inside to 1.1.1.1 no any packets. Interesting that when I test with ASA's parket tracer. traffic from inside to 1.1.1.1 goes fine.

what's wrong?