ASA 5520 - enabling access from external network

fabio1234
Level 1

Hi, I am using a Cisco ASA 5520 connected to 3 networks: outside (public_address/8), inside (192.168.140.251/24) and guest (10.1.0.1/8). Each of these interfaces has an associated access-list, with many rules, permitting traffic to the outside network from inside and guest, and to the inside network with destination NAT. Now, overlapping the public_network on the outside interface, I also have another private network (10.20.0.0/8). The problem is that I can access the guest network only with a public IP, but not with an IP of the 10.20 network. How can I do that?

Thanks, Fabio

2 Replies

ohanusi
Level 1

Hi,

Because the addresses are clashing, you need to translate the outside 10.20 to an address, e.g. 172.17

(outside,inside) 172.17.x.x 10.20.x.x netmask x.x.x.x

Then on the access-list applied to the outside

permit 10.20.x.x to the global address of the guest network.

Hope this helps.

Regards
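Added example, not part of the thread and not Cisco code: a short Python check of the address clash the reply refers to, using the interface addressing from the question. The outside address `198.51.100.1/8` is a constructed placeholder (the post only gives `public_address/8`), and the `/16` mask on 172.17 is an assumption.

```python
import ipaddress

# Interface addressing as given in the question. The outside address is a
# constructed placeholder: the post only says "public_address/8".
INTERFACES = {
    "outside": ipaddress.ip_interface("198.51.100.1/8"),
    "inside": ipaddress.ip_interface("192.168.140.251/24"),
    "guest": ipaddress.ip_interface("10.1.0.1/8"),
}


def connected_interface(addr, interfaces=INTERFACES):
    """Return the interface whose connected network contains addr
    (longest prefix wins), or None if no connected network matches."""
    ip = ipaddress.ip_address(addr)
    matches = [(iface.network.prefixlen, name)
               for name, iface in interfaces.items()
               if ip in iface.network]
    return max(matches)[1] if matches else None


def clashes(candidate, interfaces=INTERFACES):
    """Names of interfaces whose connected network overlaps candidate."""
    net = ipaddress.ip_network(candidate, strict=False)
    return sorted(name for name, iface in interfaces.items()
                  if net.overlaps(iface.network))


if __name__ == "__main__":
    # A host in the private network behind "outside" (constructed sample).
    src = "10.20.0.5"
    # With a /8 mask, guest's connected network is 10.0.0.0/8, so this
    # address is treated as directly connected on guest, not outside.
    print(src, "is connected via:", connected_interface(src))
    print("10.20.0.0/8 clashes with:", clashes("10.20.0.0/8"))
    # The translated range suggested in the reply (mask assumed /16).
    print("172.17.0.0/16 clashes with:", clashes("172.17.0.0/16"))
```
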

Hi, thanks for your reply. However, it seems that my problem is that all packets coming from a private IP address from the outside network are dropped: it seems there is an implicit rule that blocks incoming packets when they have a private IP address, a sort of 'anti-spoofing' rule. What I want to do is remove this rule. Is it possible, and how?

Thanks,

Fabio