ASA and PAT issue

- R
- Robert Hass
  
  Contact options for registered users
posted
17 years ago

Wed, Jul 19, 2006 10:28 PM

Hi I made static NAT entry to transmit HTTPS requests from Internet to our WWW server inside LAN. Configuration of ASA5510 below:

interface Ethernet0/0 nameif outside security-level 0 ip address 1.1.1.30 255.255.255.224 ! interface Ethernet0/1 nameif inside security-level 100 ip address 192.168.24.1 255.255.255.0 ! nat-control global (outside) 1 interface nat (inside) 1 0.0.0.0 0.0.0.0 ! access-list OUT extended permit tcp any host 1.1.1.30 eq https static (inside,outside) tcp 1.1.1.30 https 192.168.24.10 https netmask

255.255.255.255 access-group OUT in interface outside

Question: Will users from LAN have access to https://1.1.1.30 ? If not is any way/configuration to resolv this issue ?

Thanks, Robert

Loading thread data ...

- W
- Walter Roberson
  
  Contact options for registered users
Vote on answer
posted
17 years ago

Thu, Jul 20, 2006 2:47 AM

No.

Either throw hardware at the problem, or else Don't Do That.

Configuring things to work nicely is relatively easy when you use host names, but a pain when you use IP addresses directly.

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.