06-01-2006 07:25 AM - edited 03-03-2019 03:27 AM
Hi, I am using a Cisco ASA 5520 connected to 3 networks: outside (public_address/8), inside (192.168.140.251/24) and guest (10.1.0.1/8). Each of these interfaces has an associated access-list, with many rules, permitting traffic to the outside network from inside and guest, and to the inside network with destination NAT. Now, overlapping the public_network on the outside interface, I also have another private network (10.20.0.0/8). The problem is that I can access the guest network only with a public IP, but not with an IP of the 10.20 network. How can I do that?
Thanks, Fabio
06-02-2006 07:39 AM
Hi,
Because the addresses are clashing, you need to translate the outside 10.20 to an address, e.g. 172.17
(outside,inside) 172.17.x.x 10.20.x.x netmask x.x.x.x
Then, on the access-list applied to the outside,
permit 10.20.x.x to the global address of the guest network.
Hope this helps.
Regards
06-05-2006 06:57 AM
Hi, thanks for your reply. However, it seems that my problem is that all packets coming from a private IP address from the outside network are dropped: it seems there is an implicit rule that blocks incoming packets when they have a private IP address, a sort of 'anti-spoofing' rule. What I want to do is remove this rule. Is it possible, and how?
Thanks,
Fabio