cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
204
Views
0
Helpful
2
Replies

Internal mail-threat-detection

Shibu1978
Beginner
Beginner

Dear All,

We had one strange issue which was resolved by configuring  "no threat-detection statistics tcp-intercept" from threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200.

Issue

===

We were not able to access our mail server internally( Zone created in local DNS-(10.10.2.10))  when external nat & access-list configured on the same IP. ( https://mail.company.net).   When we remove the external static nat and access-list we can access mail server internally.

name 10.10.2.23 CASServer2

access-list outside_access_in extended permit tcp any host 94.*.*.170 eq https

static (INSIDE,OUTSIDE) 94.*.*.170 CASServer2 netmask 255.255.255.255

We have Cisco ASA 5520 8.2(5).  Could someone please get me an idea how did resolve by disabling the command above.

Thanks for your inputs.


2 REPLIES 2

Shibu1978
Beginner
Beginner

Could someone please throw some light on this.

I'm not sure if I understand your question.  My own experience is that if I want both internal and external NAT access to a particular server, I have to give it two different IP addresses.  I haven't run packet-tracer to see what the underlying issue is yet.

-- Jim Leinweber, WI State Lab of Hygiene

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: