ā02-05-2013 06:15 AM - edited ā03-11-2019 05:56 PM
Dear All,
We had one strange issue which was resolved by configuring "no threat-detection statistics tcp-intercept" from threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200.
Issue
===
We were not able to access our mail server internally( Zone created in local DNS-(10.10.2.10)) when external nat & access-list configured on the same IP. ( https://mail.company.net). When we remove the external static nat and access-list we can access mail server internally.
name 10.10.2.23 CASServer2
access-list outside_access_in extended permit tcp any host 94.*.*.170 eq https
static (INSIDE,OUTSIDE) 94.*.*.170 CASServer2 netmask 255.255.255.255
We have Cisco ASA 5520 8.2(5). Could someone please get me an idea how did resolve by disabling the command above.
Thanks for your inputs.
ā02-05-2013 06:54 AM
Could someone please throw some light on this.
ā02-05-2013 08:22 AM
I'm not sure if I understand your question. My own experience is that if I want both internal and external NAT access to a particular server, I have to give it two different IP addresses. I haven't run packet-tracer to see what the underlying issue is yet.
-- Jim Leinweber, WI State Lab of Hygiene
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide