Hello All,
I'm trying to configure a rule on ASA from a list of URLs to private IPs, the config I have is below:
dns domain-lookup outside
dns server-group DefaultDNS
name-server 8.8.8.8
object network private_ips
range 10.0.0.0 10.0.0.20
object network fqdn_url.com
fqdn url.com
object network fqdn_url2.com
fqdn url2.com
object-group network urls.com
network-object object fqdn_url.com
network-object object fqdn_url2.com
nat (outside,inside) after-auto source dynamic any interface
access-list IN_OUTSIDE line 1 extended permit tcp object-group urls.com object private_ips eq https
There're no static translations for any of the IPs in the range.
It is not working, any suggestions? Should the NAT statement be enough to permit the traffic this way?
Thanks in advance.