Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: ASA5505 inside loop back to inside based on outside address?

ASA5505 inside loop back to inside based on outside address? 5 years 4 months ago #36883

  • Daemonic
  • Daemonic's Avatar
  • Offline
  • New Member
  • Posts: 3
  • Karma: 0
Hiya,

Further to my other post, i have re-jigged the topology as follows;
[code:1]NET <--> RTR <--> ASA5505 <--+--> WEBSERVER
+--> INSIDE
RTR = 192.168.1.1/24
ASA5505 = 192.168.1.100/24, 10.0.0.1/24
WEBSERVER = 10.0.0.5/24
INSIDE = 10.0.0.6/24[/code:1]
My config is now as follows;
Interfaces:[code:1]interface Vlan1
nameif inside
security-level 100
ip address 10.0.0.1 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
ip address 192.168.1.100 255.255.255.0[/code:1]
ACL/PAT/ROUTE:[code:1]access-list outside_access_in extended permit tcp any host 192.168.1.100 eq www
access-list outside_access_in extended permit tcp any host 192.168.1.100 eq https
access-list outside_access_in extended permit tcp any host 192.168.1.100 eq ssh
access-list outside_access_in extended permit icmp any any echo-reply
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,outside) tcp interface www 10.0.0.5 www netmask 255.255.255.255
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 192.168.1.1 1
[/code:1]
I can do the following;
  • INSIDE can access the internet - good
  • INSIDE can access WEBSERVER using 10.0.0.5 - good
  • WEB can access WEBSERVER using 192.168.1.100 - good
What i would like to also be able to do is for the INSIDE machine to somehow loop back through the ASA to access the WEBSERVER using the outside address.

Is this possible? If so could anyone point me in the right direction. As everything ive tried so far has failed :([/list]
The administrator has disabled public write access.
Time to create page: 0.069 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup