Accessing external IP Addresses from inside network?
Posted on 2004-09-18
Before I begin, I would like to let you know that I am new to Firewall configuration so I apologise in advance if this is an obvious problem!
We are running a Cisco Pix 515e with a simple configuration to protect a few webservers, mailservers and DNS servers. We use internal IP addresses (192.168.0.*) for all the machines on the network and map to these using external IP addresses (62.216.*.*). This works great when we are accessing the resources from outside the network.
The problem I am having is for example I want to send mail from one machine in the network to another. The domain name resolves to the external IP address and this does not appear to be allowed through the firewall, when I do a tracert it does not leave the network (I presume because it is set to map this address to an internal address). I can send mail to completely external addresses on other networks without a problem.
To set up the mapping I used the command:
static(inside,outside) 62.216.*.* 192.168.0.*netmask 255.255.255.255 0 0
Is there anything I need to add to the config to allow the internal network to access the external IP addresses from inside the network?
Thanks in anticipation for your help.