NAT and or DNS Problem?

ruliffilur · ‎06-12-2011

Hello

Got a case here where users are befind a firewall, the firewall have for short inside,outside and dmz interfaces. Users access a website that is localted on the dmz network. However, the webserver have an external ip adress that is nated into the dmz adress, Users are accessing the external ip adress and the external dns.

I´ll guess we have to do some NAT U turn in order to make this work, the flow is like this. inside -> outside -> dmz -> inside

//Johan

Anu M Chacko · ‎06-13-2011

Hi Johan,

Are the users also on the DMZ network and trying to access the server in the DMZ? Then you will need u turning. Here is how you do that:

static (dmz,dmz)

same-security-traffic intra interface

But if the users are on the inside interface and trying to access the server in DMZ, you don't need u-turning.

Hope this helps!

Regards,

Anu

ruliffilur · ‎06-13-2011

Hello Anu

Sorry forgot to mention that, all users are on the inside interfance, I also should mention that its only the guest network that has these problems, our regular user networks can access the webserver without any problems at all. There might be a nat in the firewall for those but at this time iam not sure.

//Johan

Anu M Chacko · ‎06-13-2011

Hi Johan,

What version of ASA are you using? Could you post the output of "sh run" here? Please specify the public and private IP address of the server in DMZ.

Regards,

Anu