[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Using Alias to translate external IP address to Internal but only on Inside interface.

Posted on 2006-03-26
5
Medium Priority
?
227 Views
Last Modified: 2010-04-08
Hi

I have a Pix 515 which is translating external IP addresses into internal IPs using the Static command. This works when users outside the network enter an external IP as it is translatied into one of the internal IPs on the network. But what does not appear to happen is that if a user within the network enters an external IP it is not translating this to the internal Ip address. At present the main NAT is setup as follows:

static (inside,outside) 99.99.99.99 192.168.0.x netmask 255.255.255.255 0 0

I have tried using Alias as follows:

alias (inside) 192.168.0.x 99.99.99.99 255.255.255.255

but this does not seem to work

Any suggestions would be appreciated.
0
Comment
Question by:jonhalton
  • 3
  • 2
5 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16295064
0
 

Author Comment

by:jonhalton
ID: 16295122
Hi

Yes, I have seen this and this is why I tried

alias (inside) 192.168.0.x 99.99.99.99 255.255.255.255

I have tested by running a tracert of the external address from within the network and it just times out. If I run the tracert using the internal address it finds in 1 hop. From this I am concluding that the translation is not converting external address to the internal one when inside the network. None of the machines on the network use the external address so it should be going through the firewall to find it. Would you say this is the case or am I missing something?
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 2000 total points
ID: 16295166
Remember that the translation works by the DNS translation. Not sure if it does it directly by IP address though hence the name DNS Doctoring.
I assume you are making the call by the FQDN name?

If you do an nslookup from a client on the fqdn, what does it return?

0
 

Author Comment

by:jonhalton
ID: 16295344
Sorry, yes, I forgot about that, after trying using the domain name, it is translating correctly.

Thank you for your assistance.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 16295358
Your welcome.

regards
keith
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
With just a little bit of  SQL and VBA, many doors open to cool things like synchronize a list box to display data relevant to other information on a form.  If you have never written code or looked at an SQL statement before, no problem! ...  give i…
Suggested Courses

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question