Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: ASA 5505 access outside IP address from inside network

ASA 5505 access outside IP address from inside network 6 years 8 months ago #33408

  • heliart
  • heliart's Avatar
  • Offline
  • New Member
  • Posts: 1
  • Karma: 0
Hi there,

So I have this issue. I have the 5505 working well. There's a machine on my inside network on 192.168.1.10 that's serving an HTTP page on port xyz.
Any external access to the outside IP address gets routed correctly to the server. i.e. any request coming in from the internet.

The problem I have is that I can't get to this server via the outside IP address from the inside network.

Example.
Outside IP = 62.255.24.64
Inside IP of server = 192.168.1.10

From a machine on the internet I can access 62.255.24.64:xyz and the access is served correctly from 192.168.1.10

From a machine on the inside network I can access 192.168.1.10:xyz and the access is served correctly

But, where it fails is that if I try to access 62.255.24.64:xyz from a machine on the inside network - this fails

It's very unclear to me what type of rule needs setting up to permit an access that looks like this?

Any help would be great.

Cheers.

Steve
The administrator has disabled public write access.

Re: ASA 5505 access outside IP address from inside network 6 years 8 months ago #33418

  • tuanhs
  • tuanhs's Avatar
  • Offline
  • New Member
  • Posts: 2
  • Karma: 0
Hi there,

So I have this issue. I have the 5505 working well. There's a machine on my inside network on 192.168.1.10 that's serving an HTTP page on port xyz.
Any external access to the outside IP address gets routed correctly to the server. i.e. any request coming in from the internet.

The problem I have is that I can't get to this server via the outside IP address from the inside network.

Example.
Outside IP = 62.255.24.64
Inside IP of server = 192.168.1.10

From a machine on the internet I can access 62.255.24.64:xyz and the access is served correctly from 192.168.1.10

From a machine on the inside network I can access 192.168.1.10:xyz and the access is served correctly

But, where it fails is that if I try to access 62.255.24.64:xyz from a machine on the inside network - this fails

It's very unclear to me what type of rule needs setting up to permit an access that looks like this?

Any help would be great.

Cheers.

Steve

dear!
three configuration step you should follow one by one:
- configuring the basic setup (interface, IP, route, management access ,icmp). Test the result by pinging and remote access the devices.
- configuring NAT rules (global NAT or static NAT)
- configuring accessl-list and access-group to allow traffic.

in your case, you should ensure that you can ping well to inside and outside addresses. then create a global NAT for your entire inside network. create a static NAT for your web server. after that create some access-list, access-group to allow traffic coming in and out. finally test the traffic. you can view log through monitoring log screen.

hope that could help!
best regards!
The administrator has disabled public write access.
Time to create page: 0.080 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup