Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
473
Views
0
Helpful
1
Replies

allow local network to access public internet address on DMZ

smithcolm
Level 1
Level 1

‎03-15-2013 08:20 AM - edited ‎03-04-2019 07:18 PM

Hi,

I have a Cisco ASA 5510

I am using ASDM 6.1

I have a LAN and a DMZ and an internet connection.

I am using one of the internet connection IPs to host a HTTP service on a server in my DMZ.  (its the same interface as my internet connenction but a different IP to the one used for internet connectivity)

so say my LAN is 192.168.1.x

and my DMZ is 172.168.1.x

I can access DMZ from Lan and vice versa.

when i try to access the public IP (or URL) from a pc in my LAN i get nothing.

I have enabled DNS rewrite (doctoring) but it is still not working.

the HTTP service is available from other sites.

thanks

C

Labels:
0 Helpful
1 Reply 1

smithcolm
Level 1
Level 1

‎03-19-2013 06:54 AM

I figured it out.

I actually needed to use "Hairpinning"..

I setup a static NAT rule that nat'd the internal HTTP server to the external IP but on the inisde interface.

so something like

static (DMZ,inside) outsideIP DMZ_ServerIP netmask 255.255.255.255

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card