Hi,

To make it simple : we have an 8 IPs  subnet bound to one of our external interface. We’re doing dynaminc NAT with one  of these addresses to get out. We are also statically NATing our servers to the  other IPs (quite usual I think). From now on we’ve been using split DNS to  access servers from inside and outside.

Now we want to access our severs  with their external IPs from inside network and haven’t been able to configure  it on the PIX.(see the screen of network)

I use the command : same−security−traffic permit intra−interface

Now when I try to connect to a web server from an IP in 10.0.0.0 here is my log  on PIX:

6 Nov 23 2009 18:10:20 305011 10.0.0.6 *.*.*.209 Built dynamic TCP translation from inside:10.0.0.6/1353 to FibreOptique:*.*.*.209/19164

6 Nov 23 2009 18:10:20 302013 *.*.*.211 10.0.0.6 Built outbound TCP connection 565861 for FibreOptique:*.*.*.211/80 (*.*.*./80) to inside:10.0.0.6/1353 (*.*.*.209/19164)

6      Nov 23 2009      18:10:38      302014      *.*.*.211      10.0.0.6   
Teardown TCP connection 565861 for FibreOptique:*.*.*.211/80 to inside:10.0.0.6/1353 duration 0:00:30 bytes 0 SYN Timeout

I don't understand why I can't connect to this webserver and why there's a TEARDOWN TCP.

Thanks for your answer