06-21-2016 07:30 PM - edited 03-08-2019 06:18 AM
Issue 1: I have an internal Spiceworks webserver sitting behind a 5512. I can't seem to figure out how to configure hairpin NAT using ASDM. I'm not familiar enough with the CLI anymore to tackle it that way. Additionally, initial requests are made on port 80 and then changed by the webserver to port 9675. The webserver is on a domain controller that sits on the same network and utilizes the same interface as the rest of the LAN subnet.
Issue 2: External users are able to access the webserver and use it but files do not load. I have a page with JPGs that do not load and every link to PDF files does not load. They worked just fine prior to adding the ASA so I'm assuming the ASA is filtering it out somehow but I'm not sure where.
Issue 3: Internal traffic is being filtered oddly. Prior to adding the ASA, users on the same network as the domain controllers had drive maps applied to them through group policies. Since adding the ASA, those drive mappings are no longer being done.
e0/0: Outside interface - Public IP --> ISP Fiber switch
e0/5: Inside interface - LAN Network --> LAN Switch --> Domain Controllers & user workstations.
06-21-2016 09:29 PM
Issue 2: I've reconfigured our internal DNS to house the zone for our public listings and instead of resolving to the public IP for the webserver's URL it resolves to the internal IP (Temporary, would still prefer to have hairpin NAT configured). In this manner, internal hosts are able to see the JPEGs and load the PDF files. This further verifies that the ASA is filtering those files.
06-21-2016 10:28 PM
Hello
Is your LAN switch doing the inter-VLAN routing, and does it have a default next-hop towards the ASA inside interface?
Can you post your configuration of the ASA, please?
res
Paul
06-22-2016 08:34 AM
There are no separate VLANs on the network. Below is my current running config:
06-23-2016 05:48 AM
Issue 3 Resolved
Turns out it was a coincidence with a Windows patch that broke how group policy processing was done. I assumed it was the ASA as it was reporting SYN attacks on port 135 from internal users to server IPs.