Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
504
Views
0
Helpful
1
Replies

Need help figuring out NAT config issue on ASA 8.0

sdavids5670
Level 2
Level 2

‎05-21-2012 05:40 PM - edited ‎03-12-2019 06:03 PM

Here's the scenario:

ASA 8.0(4)23

Config element of interest:

static (Inside,Outside) HQMNExchange1-Global HQMNExchange1-LOCAL netmask 255.255.255.255

HQMNExchange1-Global refers to a publicly routable IP address.

HQMNExchange1-LOCAL has the IP address 10.10.5.27 and is, of course, off the Inside interface of the ASA.

I have a wireless network located off the "Inside" interface of the ASA.  The clients on this network use a public DNS server for name resolution.  When they try to connect to a website on the HQMNExchange1-Global system the connection attempt fails.  Coming from the outside works and connecting to the system using the inside local IP address instead of the inside global IP address works.  If they try to connect to the Inside Global IP address from the inside it does not work.

What should I be looking at?

Thanks,

Steven

Labels:
0 Helpful
1 Reply 1

Julio Carvajal
VIP Alumni
VIP Alumni

‎05-21-2012 08:16 PM

Hello,

You will need the following:

global (outside) 1 interface

same-security-traffic permit intra-interface

static (inside,inside)   HQMNExchange1-Global HQMNExchange1-LOCAL

Do rate all the helfpul posts

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card